Why random numbers are used in network security?

Why random numbers are used in network security?

At CloudFlare we need lots of random numbers for cryptographic purposes: we need them to secure SSL connections, Railgun, generating public/private key pairs, and authentication systems. Both seed their random number generators from a variety of sources to make them as unpredictable as possible.

What does random numbers have to do with encryption?

Those random numbers are a cryptographic key, which unlocks the content of the encrypted message, but it’s useless for deciphering other messages, just as your house key opens your front door but not your neighbor’s. Your encryption system is thus only as strong as your cryptographic key is unpredictable.

How is random number generation used?

Randomness is used to obscure links between keys and messages and to remove any pattern in choices of secure numbers. The fact that most computerized random number generators are deterministic means that the numbers generated come from a finite pool and will ultimately at some point repeat and follow some pattern.

How are client random and server random used in TLS?

The client random and the server random are later used to generate the key for encryption. In the original TLS 1.2 specification, the first 4 bytes were supposed to represent the current date and time of the client (in epoch format) and the remaining 28 bytes was supposed to be a randomly generated number.

How does the server select the preferred version of TLS?

The server selects the preferred version of the SSL/TLS protocol from among those presented by the client. This is a 32-byte random number. The server random and the client random are later used to generate the encryption key.

What do you need to know about TLS handshake protocol?

Establishing a Secure Session by Using TLS. The TLS Handshake Protocol involves the following steps: The client sends a “Client hello” message to the server, along with the client’s random value and supported cipher suites. The server responds by sending a “Server hello” message to the client, along with the server’s random value.

How does the server prove its identity in TLS?

The client and server make contact and choose the cipher suite that will be used throughout their message exchange. In TLS, a server proves its identity to the client. The client might also need to prove its identity to the server. PKI, the use of public/private key pairs, is the basis of this authentication.