Encrypting Client Random

The client random is encrypted by the client with the server's public key (obtained from the Server Security Data (section using RSA. Mathematically the encryption operation is formulated as follows.

 c = r^e mod n


 c = encrypted client random
 r = unencrypted client random
 e = public exponent
 n = modulus

The client random value is interpreted as an unsigned little-endian integer value when performing the encryption. The resultant encrypted client random is copied into a zeroed-out buffer, which is of size:

 (bitlen / 8) + 8

For example, if the public key of the server is 512 bits long, then the zeroed-out buffer is 72 bytes. This value can also be obtained from the keylen field in the public key structure (section The buffer is sent to the server in the Security Exchange PDU (section

Example Java source code that shows how to use a public 64-byte asymmetric key to encrypt a 32-byte client random using RSA is presented in section 4.8. The code also shows how to use the associated private key to decrypt the ciphertext.