TLS 1.3 Dummy ChangeCipherSpec

0 votes
Hello,

In the TLS 1.3 lecture, the Dummy CCS message is not shown in the handshake slide. Does this mean it is implicitly sent within the ServerHello message? Or is it just missing from the slide?
by
edit history

1 Answer

0 votes
Hi,

CCS is only needed to announce that the keys are now used for encryption.

TLS 1.3 does not use CCS messages anymore, because the keys are already established in the CH+SH using the KeyShare extension.
Therefore, any following messages can be directly encrypted and the CCS message is not needed.

In some cases, CCS is sent to ensure backwards compatability with some middle-boxes.
This is explained in the lecture, see slide 81ff.

Cheers,
Sebastian
by (2.4k points)
edited by
edit history