I have been reading about SHA-2 family and I found a lot of in depth details, but I am confused about how it is related to TLS and AES. TLS encrypts data between server and client, but does it make use of SHA and for what, like what kind of data?
Asked
Active
Viewed 1.9k times
1 Answers
7
SHA is related to AES in that they are both US government standards. They are not similar algorithmically.
SHA and AES are cryptographic primitives, TLS is a protocol. As the name describes SHA is a family of hash algorithms. AES is a block cipher. TLS uses many encryption algorithms, including AES in various modes, and several hash algorithms, including those in the SHA family. TLS may also use encryption algorithms not based on a block cipher, such as RC4.
TLS uses hash algorithms in order to provide message authenticity when the encryption algorithm does not provide authenticated encryption, via HMAC. SHA may also be used during client-server key exchange to compute the shared master secret, as a component of some PRF, generally also HMAC. TLS encrypts passwords in transit between client and server using the selected encryption algorithm, which could be AES.
SHA is also used in server certificates in order to verify their authenticity so a TLS connection is not created to an imposter. Verification is apparently not implemented well in a wide variety of systems.
I would suggest reading RFC 5246 in order to get a better idea of how TLS operates.
Richie Frame
- 13,278
- 1
- 26
- 42