Prince Sultan University College of Computer & Information Sciences Department of Computer Science CS391: Network & Computer Security Assignment 4 SSL Key Generation Process Objective: You are required to write an implementation of the SSL key generation process, where both parties simultaneously generate the common keys. The common keys include: The HMAC key used for hashing purposes The Symmetric Encryption key used to encrypt exchanged messages The Initialization Vector (IV) used in the RC4 encryption process Details: The key generation process is initiated in Phase 3 by the SSL client. The Client generates a 48 bit Premaster Secret key and sends it to the server after encrypting it in the Public Key of the Server. Both parties then generate the Master Secret using the relation: Sm = H1(Spm || H2 (‘A’ || Spm || Rc || Rs)) || H1(spm || H2 (‘BB’ || spm || Rc || Rs)) || H1(spm || H2 (‘CCC’ || Spm || Rc || Rs)) The actual key set is generated using the relation: Kb = H1(Sm || H2 (‘A’ || Sm || Rc || Rs)) || H1(Sm || H2 (‘BB’ || Sm || Rc || Rs)) || H1(Sm || H2 (‘CCC’ || Sm || Rc || Rs)) Where: Spm is the Premaster Secret, Rc is the Client Random, Rs is the Server Random, A, BB, CCC are literals, H1 and H2 are hash functions.