I was reading about TLS/SSL protocol. There are two important points that are stopping me from proceeding further.
1) What is the need for maintaining message integrity in TLS/SSL? If the server is always authenticated and there is a private channel established between client and server (thereby ruling out a Man in the middle attack), how can someone modify the message in transit?
2) Even if there is a need to maintain integrity check, which hash function will be used? When is this contract established between client and server?
Any relevant reading links will be of great help. Thanks!
Because you can’t guarantee that there is a private channel in all situations – e.g. someone could control one of the many routing points between two hosts over the internet and perform an MitM attack.
The hash function is decided during the handshake. It is usually an HMAC version of a relatively strong hash function, e.g. a SHA2-family hash or Whirlpool.
The description of the TLS protocol handshake on Wikipedia is very detailed and should help you understand how the cipher, hash function and other parameters are selected.
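The point the answer makes about integrity is easiest to see with a small worked example. The following Python code is an added illustration, not part of the question or answer above: it uses a constructed toy stream cipher (a SHA-256 counter-mode keystream, standing in for the confidentiality-only part of a record layer) and shows that an on-path party can change the plaintext of an encrypted message without knowing the key, while an HMAC tag over the ciphertext (encrypt-then-MAC, using HMAC-SHA256 as the negotiated MAC) lets the receiver reject the tampered record. The function and key names are hypothetical.

```python
import hashlib
import hmac
import os

TAG_LEN = 32  # HMAC-SHA256 output size


def keystream(key: bytes, length: int) -> bytes:
    """Constructed toy CTR-mode keystream: SHA-256(key || counter) blocks."""
    out = b""
    counter = 0
    while len(out) < length:
        out += hashlib.sha256(key + counter.to_bytes(8, "big")).digest()
        counter += 1
    return out[:length]


def encrypt(key: bytes, plaintext: bytes) -> bytes:
    """XOR the plaintext with the keystream. Confidentiality only, no integrity."""
    return bytes(p ^ k for p, k in zip(plaintext, keystream(key, len(plaintext))))


decrypt = encrypt  # XOR with the same keystream is its own inverse


def mac(mac_key: bytes, data: bytes) -> bytes:
    """The negotiated MAC: HMAC-SHA256 (assumed here; TLS picks it via the cipher suite)."""
    return hmac.new(mac_key, data, hashlib.sha256).digest()


def protect(enc_key: bytes, mac_key: bytes, plaintext: bytes) -> bytes:
    """Encrypt-then-MAC: the tag covers the ciphertext, so any change to it is detectable."""
    ct = encrypt(enc_key, plaintext)
    return ct + mac(mac_key, ct)


def unprotect(enc_key: bytes, mac_key: bytes, record: bytes):
    """Verify the tag first; return None (reject the record) when it does not match."""
    ct, tag = record[:-TAG_LEN], record[-TAG_LEN:]
    if not hmac.compare_digest(tag, mac(mac_key, ct)):
        return None  # TLS would send a bad_record_mac alert and close the connection
    return decrypt(enc_key, ct)


def modify_in_transit(ciphertext: bytes, offset: int, old: bytes, new: bytes) -> bytes:
    """Model a routing point rewriting bytes of a stream-cipher ciphertext.

    XOR-ing the ciphertext with (old XOR new) changes the decrypted plaintext
    from `old` to `new` at `offset`; no key is involved, only a guess of the
    plaintext layout. This is the malleability a MAC is there to catch.
    """
    delta = bytes(a ^ b for a, b in zip(old, new))
    mutable = bytearray(ciphertext)
    for i, d in enumerate(delta):
        mutable[offset + i] ^= d
    return bytes(mutable)


def demo() -> dict:
    """Run both scenarios and return the observable results."""
    enc_key, mac_key = os.urandom(32), os.urandom(32)
    msg = b"PAY amount=0100"          # constructed sample message
    offset = len(b"PAY amount=")      # position of the amount field

    # Scenario 1: confidentiality only. The change goes through undetected.
    ct = encrypt(enc_key, msg)
    tampered_ct = modify_in_transit(ct, offset, b"0100", b"9900")
    without_mac = decrypt(enc_key, tampered_ct)

    # Scenario 2: encrypt-then-MAC. The same change is rejected.
    record = protect(enc_key, mac_key, msg)
    tampered_record = modify_in_transit(record, offset, b"0100", b"9900")
    with_mac = unprotect(enc_key, mac_key, tampered_record)
    untouched = unprotect(enc_key, mac_key, record)

    return {
        "without_mac": without_mac,   # b"PAY amount=9900": silently altered
        "with_mac": with_mac,         # None: integrity failure detected
        "untouched": untouched,       # original message: valid record accepted
    }


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value!r}")
```

Encryption alone hides the content but does not bind it: the first scenario changes the amount without the key, which is why TLS always pairs the cipher with a MAC (or, in TLS 1.3, uses an AEAD cipher that provides both). Which MAC is used is fixed by the cipher suite the two sides agree on in the handshake, so the hash function in the suite name is the contract the question asks about.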