Overview#Following the ClientKeyExchange both sides now know the 48 byte (256 bit) Premaster Secret
master_secret = PRF(pre_master_secret, "master secret", ClientHello.random + ServerHello.random)
- Premaster Secret - is the value from the User-agent sent in the ClientKeyExchange
- "master secret" - ASCII Text
- ClientHello.random - The random value sent in the ClientHello
- ServerHello.random - The random value sent in the ServerHello
- PRF - The Pseudorandom function that is defined the specification for TLS 1.0.
The TLS Pseudorandom function combines the data we give it by using the keyed-Hash Message Authentication Code (HMAC) versions of both MD5 and SHA-1 hash Functions. Half of the input is sent to each hash function. This is clever because it is quite resistant to attack, even in the face of Cryptographically Weak hash Functions for MD5 and SHA-1. This process can feedback on itself and iterate forever to generate as many bytes as we need.Exploits against SSL-TLS and often they are a result of Cryptographically Weak Pseudorandom generators functions.