<div>
Its main purpose is to keep data confidential. &amp;&nbsp;data integrity - if someone or something, willingly or not, alters data in transit, then the receiver must be able to reliably detect it.
</div>


Its main purpose is to keep data confidential. & data integrity - if someone or something, willingly or not, alters data in transit, then the receiver must be able to reliably detect it.

<div>
So when client sends some packet to server it encrypts the packet with master secret and same way server also encrypts with this same master secret and send the packet to client ?<br />
Then where does the encryption that is sent in cypher suite comes into play ?
</div>


So when client sends some packet to server it encrypts the packet with master secret and same way server also encrypts with this same master secret and send the packet to client ?
Then where does the encryption that is sent in cypher suite comes into play ?

<div>
Hi,<br />
I still have some confusion. I understand that master secret is computed from pre-master secret and random values.<br />
But as you mentioned that all messages from client to server and server to client are encrypted using session keys...<br />
<br />
1) Both sides have same session keys ?<br />
2) where is the master secret used here..... is it used to decrypt the messages whereas session keys are used to encrypt the messages ?
</div>


Hi,
I still have some confusion. I understand that master secret is computed from pre-master secret and random values.
But as you mentioned that all messages from client to server and server to client are encrypted using session keys...

1) Both sides have same session keys ?
2) where is the master secret used here..... is it used to decrypt the messages whereas session keys are used to encrypt the messages ?

<div>
<div class="content wysiwyg-content">
Hi,<br />
In SSL handshake a master secret is generated. I guess this secret is the same for both client and server.<br />
where exactly is this used. Is it used to encrypt or decrypt data ?<br />
client and server already exchange a cipher suite how is the cipher suite related to this master secret <br />
<br />
Thanks
</div>
</div>


Hi,
In SSL handshake a master secret is generated. I guess this secret is the same for both client and server.
where exactly is this used. Is it used to encrypt or decrypt data ?
client and server already exchange a cipher suite how is the cipher suite related to this master secret 

Thanks

Whats the use of master secret

Encryption is the process of encoding messages or information in such a way that only authorized parties can read it. In an encryption scheme, the intended communication information or message, referred to as plaintext, is encrypted using an encryption algorithm, generating ciphertext that can only be read if decrypted. For technical reasons, an encryption scheme usually uses a pseudo-random encryption key generated by an algorithm. An authorized recipient can easily decrypt the message with the key provided by the originator to recipients, but not to unauthorized interceptors.

Encryption

HTTPS is a protocol for secure communication over a computer network which is widely used on the Internet. HTTPS consists of communication over Hypertext Transfer Protocol (HTTP) within a connection encrypted by Transport Layer Security (TLS) or its predecessor, Secure Sockets Layer (SSL). The main motivation for HTTPS is authentication of the visited website and to protect the privacy and integrity of the exchanged data. HTTPS is widely used for protecting page authenticity on all types of websites, securing accounts and keeping user communications, identity and web browsing private.