0

I am learning about how tls 1.3 works and I do not understand how does it prevents a man in the middle setting a shared secrect with the client and a shared secret with the server and reading all of the data. I couldn't find the answer online so I will really apriciate if someone can explain it to me.

bob
  • 73
  • 7
  • In short: active MITM is prevented by certificate based authentication, i.e. that the certificate by the server is trusted and the MITM certificate by the attacker is not trusted. This is not specific to TLS 1.3, but SSL/TLS in general. – Steffen Ullrich Nov 14 '22 at 13:14

0 Answers0