Transport Layer Security
Transport Layer Security is a method of encrypting network communications. Its working mechanism is based on client-server communication. TLS is the successor of Secure Socket Layer (SSL). I am going to explain how TLS works.
TLS is based on the concept of certificates. A certificate contains a public key, the server's identity and a signature from a Certificate Authority (CA). The corresponding private key is never made public. Data or a message encrypted with the private key can only be decrypted with the corresponding public key, and vice versa.
NOTE: In cryptography, the two encryption methods are:
1. Symmetric: uses only one key (the same key) for encryption and decryption
2. Asymmetric: uses a public and a private key for encryption and decryption
Now I am going to explain, step by step, how a browser communicates with a secure HTTP server.
- The client initiates a connection to the server with a ClientHello message. With this message the client also sends a 32-byte random number (which includes a timestamp) and a list of the encryption protocols and ciphers supported by the client.
- The server responds with a ServerHello message, which contains another 32-byte random number with a timestamp and the encryption protocol and ciphers the client should use. The server also sends the server certificate, which consists of a public key, the server identity such as its FQDN (Fully Qualified Domain Name) and a signature from a trusted CA.
- Then the client verifies the server certificate and checks whether the signature was made by a CA trusted by the client. If it verifies, the client creates a session key using the random numbers previously exchanged. The client then encrypts this session key using the public key from the server certificate and sends it to the server.
- The server decrypts the session key. From then on, the client and server both encrypt and decrypt all data sent over the connection using this session key.
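The steps above say that the session keys come from "the random numbers previously exchanged" plus the secret the client sent under the server's public key. The following is an added example (not code from the original post) showing that derivation as TLS 1.2 specifies it: the PRF is P_SHA256 from RFC 5246 section 5, the 48-byte master secret is derived from the pre-master secret and the two Hello randoms, and the master secret is then expanded into separate client and server write keys. Both sides run exactly the same computation, which is why they end up with identical keys even though the keys themselves never travel on the wire. All randoms and the pre-master secret here are constructed sample values; the key sizes default to those of TLS_RSA_WITH_AES_128_CBC_SHA256.

```python
"""Added example (not from the original post): TLS 1.2 session key derivation.

Simulates the part of the handshake where both sides turn the exchanged
ClientHello/ServerHello randoms plus the pre-master secret (the value the
client sent encrypted with the server's public key) into the shared session
keys.  The PRF is the one defined in RFC 5246 section 5 (P_SHA256).  The
randoms and pre-master secret used below are constructed sample values.
"""
import hashlib
import hmac
import os
import struct
import time


def p_sha256(secret: bytes, seed: bytes, length: int) -> bytes:
    """P_hash data expansion (RFC 5246 s5) instantiated with HMAC-SHA256.

    A(0) = seed, A(i) = HMAC(secret, A(i-1)); the output is the concatenation
    of HMAC(secret, A(i) + seed) for i = 1, 2, ... truncated to `length` bytes.
    """
    out = b""
    a = seed
    while len(out) < length:
        a = hmac.new(secret, a, hashlib.sha256).digest()
        out += hmac.new(secret, a + seed, hashlib.sha256).digest()
    return out[:length]


def prf(secret: bytes, label: bytes, seed: bytes, length: int) -> bytes:
    """TLS 1.2 PRF: P_SHA256(secret, label + seed)."""
    return p_sha256(secret, label + seed, length)


def hello_random() -> bytes:
    """32-byte Hello random as the post describes it: 4-byte UNIX time + 28 random bytes."""
    return struct.pack("!I", int(time.time())) + os.urandom(28)


def master_secret(pre_master: bytes, client_random: bytes, server_random: bytes) -> bytes:
    """48-byte master secret; note that client_random comes first in the seed."""
    return prf(pre_master, b"master secret", client_random + server_random, 48)


def key_block(master: bytes, client_random: bytes, server_random: bytes,
              mac_len: int = 32, key_len: int = 16, iv_len: int = 16) -> dict:
    """Expand the master secret into the per-direction write keys.

    Defaults match TLS_RSA_WITH_AES_128_CBC_SHA256.  The seed order here is
    server_random + client_random, the reverse of master_secret().
    """
    total = 2 * (mac_len + key_len + iv_len)
    block = prf(master, b"key expansion", server_random + client_random, total)
    names = ["client_write_mac_key", "server_write_mac_key",
             "client_write_key", "server_write_key",
             "client_write_iv", "server_write_iv"]
    sizes = [mac_len, mac_len, key_len, key_len, iv_len, iv_len]
    keys, pos = {}, 0
    for name, size in zip(names, sizes):
        keys[name] = block[pos:pos + size]
        pos += size
    return keys


def derive_both_sides(client_random: bytes, server_random: bytes, pre_master: bytes):
    """Run the derivation independently on the client and the server and return both.

    In a real handshake the server recovers pre_master with its private key and
    then runs this same code; only the encrypted pre-master secret crosses the wire.
    """
    client_keys = key_block(master_secret(pre_master, client_random, server_random),
                            client_random, server_random)
    server_keys = key_block(master_secret(pre_master, client_random, server_random),
                            client_random, server_random)
    return client_keys, server_keys


if __name__ == "__main__":
    # Constructed sample handshake values (not captured traffic).
    c_rand, s_rand = hello_random(), hello_random()
    pre_master = b"\x03\x03" + os.urandom(46)   # protocol version + 46 random bytes
    c, s = derive_both_sides(c_rand, s_rand, pre_master)
    assert c == s
    print("client_write_key:", c["client_write_key"].hex())
    print("server_write_key:", s["server_write_key"].hex())
```

The two Hello randoms are what tie the keys to this particular handshake: replaying an old encrypted pre-master secret against a server that chose a fresh ServerHello random yields different keys, so the replayed record data will not decrypt. This is also why the client-side verification step matters so much: if the client skips checking the certificate's signature and name, it will happily perform this derivation with whoever answered, and the resulting keys are shared with that party rather than with the intended server.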
Good article. Plain and clear.
Very well written and totally in your own words. Impressive! Keep it up and try motivating others. I will also come up with some stuff.