Transport Layer Security

Introduction

 
In this article, we are going to discuss Transport Layer Security (TLS). We are going to find out what TLS is and take a look at its main properties.
 

What is Transport Layer Security (TLS)?

 
“Transport Layer Security is a networking protocol that facilitates end-to-end communications security.”
 
TLS prevents eavesdropping, tampering, and message forgery during online communications and transactions. Some of the common TLS usage include browsers, instant messaging such as Skype, emails, and Voice over IP (VoIP).
 
TLS is a security protocol and its architecture allows it to be used with a transport protocol such as TCP. It can also be used by some applications as a transport medium.
 
TLS may be considered as an improvement of Secure Socket Layer. Actually TLS 1.0 was first published as SSL version 3.1 and they had to change its name to TLS since it was no longer a product of Netscape. Over the years the abbreviations TLS and SSL have been used interchangeably. The latest version of TLS is 1.3 which was released in
2018.
 
TLS uses HTTPS to secure and encrypt data on top of the HTTP protocol. Browsers that use TLS can be identified by a padlock icon in the address bar and the use of such secure sites has gained popularity over the years.
 

How does the Transport Layer Security work?

 
Because of its secure platform, TLS is becoming the standard approach to websites and web applications nowadays. TLS provides protection against attacks such as DDoS and data breaches.
 
TLS resides on top of a transport layer security protocol and comprises of the following components:
  • Encryption - for hiding shared data.
  • Authentication - for identity verification.
  • Integrity - for data verification.
TLS is a security protocol; whose core function is to ensure data integrity and privacy. To achieve these basic security functions, TLS has to follow certain specific procedures. Initially, TLS has to ensure that data is shared between the server and the client is secured.
 
TLS protocol is made up of two sub-protocols:
  • TLS Handshake - authenticates the client and the server and establishes an encryption algorithm before data transmission.
  • TLS Record - Encrypts data to ensure a secure and reliable connection using data encapsulation and encryption services.

TLS Handshake

 
A TLS establishes a set of algorithms known as the cipher suite. The cipher suite specifies details such as the session keys and shared encryption keys for a given session. TLS makes use of the public key cryptography to match these session keys on an unencrypted channel.
 
TLS handshake also enables authentication between the client and the server exchanging and verifying their identities through the use of public keys. Public keys use one-way encryption, meaning that anyone can unscramble data encrypted with the private key to ensure its authenticity, but only the original sender can encrypt data with the private key.
 
Once data is encrypted and identities are verified (authentication), TLS signs the data with a Message Authentication Code. The MAC ensures that the data is not tampered with and only the recipient can verify the MAC.
 
Here is an image that shows what happens during a handshake:
 
 

TLS Record

 
TLS Record Protocol is a huge notebook that records every TLS operation. TLS Record will take note of every connection attempt, approval, rejection, message, etc. It can be broken down into several smaller units, each responsible for a specific process of the TLS operations.
 

Conclusion

 
Transport Layer Security is a very trusted protocol in today's technology as businesses and individuals begin to rely on it for safer and secure browsing and transactions on the web. It builds trust in customers to visit business web pages without fear of attacks, losing data, or monetary value.