[openssl-users] different encrypted text for the same plain text message

Dr. Stephen Henson steve at openssl.org
Fri Jul 29 17:34:00 UTC 2016

On Fri, Jul 29, 2016, R-D intern wrote:

> Hello Benjamin,
> Thanks for the reply.
> I know the purpose and benefit of creating different cipher texts of the
> same corresponding plain text.But I would like to know about the places
> where this randomness gets introduced to create different encrypted
> texts.Because SSL handshake takes place only once. After creation of  pre
> secret key(for an entire session) at both the client and the server ends,
> master key is created based on pre secret key, identifier label, client and
> server random numbers which is again maintained for an entire session . The
> master key is responsible for creating MAC key, bulk encryption key and IV
> for client - server  read - write.  If the bulk encryption key (which is
> responsible for encrypting the message ) for an entire session is fixed and
> constant, then how is the encrypted text different?

The master key along with client and server random values is used to derive
the session keys. That is the random values from the current session. So if
you resume a session the master key is the same but the random values differ
and so the session keys are different too.

Dr Stephen N. Henson. OpenSSL project core developer.
Commercial tech support now available see: http://www.openssl.org

More information about the openssl-users mailing list