What’s TLS?

Print anything with Printful



Transport Layer Security (TLS) is a cryptographic protocol that provides data privacy and integrity for communications over open networks. It encrypts data units from one end of the transport layer to the other, preventing tampering, message forgery, and eavesdropping. TLS involves a handshake procedure that becomes the mutual agreement for the connection’s security parameters. TLS uses 128-bit or higher keys for ciphers.

Transport Layer Security (TLS), formerly called Secure Sockets Layer (SSL), is a cryptographic protocol. It supports data privacy and integrity for communications over open networks, such as the Internet. In other words, TLS provides security that ensures data is consistent and correct, in both client and server applications.

In the world of computer networking, the Transport Layer is a group of protocols and methods intertwined within the network architecture. Its main function is to decompose data blocks into data units, which can be more easily transferred across the network infrastructure. TLS encrypts these units, or segments, from one end of the transport layer to the other.

Many of these protocols are used in applications such as instant messaging, web browsing and email. TLS is a standards tracking protocol, which means that there are definite specifications of the methodology or technology applicable to the Internet. All standards for the Internet are created by the Internet Engineering Task Force (IETF).

To put it simply, Transport Layer Security is there to prevent tampering, message forgery, and eavesdropping. This includes communications within one-way connection modes, as well as two-way connection modes. The Transport Layer Security process can be divided into three phases: peer negotiation for algorithm support, key exchange and certificate-based authentication, and traffic encryption based on symmetric ciphers.

These steps, when combined, allow the TLS protocol to exchange records, compress them, and then encrypt them with a message authentication code (MAC). In some cases, the server may request a certificate from the client to ensure that the connection is mutually authenticated. Simply put, a Transport Layer Security client and server connect using a handshake procedure. This handshake becomes the mutual agreement for the connection’s security parameters.

For example, a simple connection, or handshake, usually involves an initial ClientHello message, a ServerHello response message, a Certificate message, and finally a ServerHelloDone message. It would then continue with a ClientKeyExchange message, a ChangeCipherSpec record, and a ChangeCipherSpecFinished message. Larger handshakes can involve messages like CertificateRequest and CertificateVerify.
Multiple handshake messages can be combined into one record. In case of fatal error signals, the session will be closed immediately. In its early stages, government restrictions on the export of cryptographic technology allowed SSL to use only a maximum of 40-bit symmetric keys. Today, TLS uses 128-bit or higher keys for ciphers.




Protect your devices with Threat Protection by NordVPN


Skip to content