What is TLS/SSL and how does encryption work?

Category: Networking

Short answer

TLS (Transport Layer Security) and its predecessor SSL encrypt data transmitted between clients and servers. TLS ensures confidentiality, integrity, and authentication for internet communications.

How it works

The TLS handshake occurs before data transmission:

  1. The client and server agree on supported TLS versions and cipher suites.
  2. The server presents its digital certificate containing a public key.
  3. The client verifies the certificate against trusted Certificate Authorities.
  4. The client generates a pre-master secret, encrypts it with the server's public key, and sends it.
  5. Both parties derive session keys for symmetric encryption.

All subsequent data is encrypted with these session keys. Symmetric ciphers are far cheaper than public-key operations, so the expensive asymmetric work is confined to the handshake and the bulk of the connection is both fast and secure.
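Steps 4 and 5 as working code, added here as an illustrative example and not part of the original answer. It replaces the RSA-encrypted pre-master secret of step 4 with an ephemeral Diffie-Hellman key share, which is the only key exchange TLS 1.3 allows, and then runs the RFC 8446 HKDF key schedule down to the handshake traffic keys, so you can see that both endpoints reach identical keys without the secret ever being transmitted. The Diffie-Hellman group is a constructed toy (a 127-bit prime) chosen for brevity; real TLS negotiates RFC 7919 groups or X25519.

```python
import hashlib, hmac, secrets, struct

# Toy finite-field Diffie-Hellman group, constructed for this example only:
# a 127-bit Mersenne prime is far too small for real use (TLS negotiates
# RFC 7919 groups or X25519), but the arithmetic is identical.
P = 2**127 - 1
G = 3
HASH = hashlib.sha256
HLEN = HASH().digest_size

def dh_keypair():
    """Fresh ephemeral key share per handshake (this is what gives forward secrecy)."""
    priv = secrets.randbelow(P - 2) + 1
    return priv, pow(G, priv, P)

def dh_shared(priv, peer_pub):
    """Shared secret g^(ab) mod p, computed by each side from the other's public share."""
    return pow(peer_pub, priv, P).to_bytes(16, "big")

def hkdf_extract(salt, ikm):
    """HKDF-Extract (RFC 5869); an empty salt means HashLen zero bytes."""
    return hmac.new(salt or b"\x00" * HLEN, ikm, HASH).digest()

def hkdf_expand_label(secret, label, context, length):
    """HKDF-Expand-Label (RFC 8446 section 7.1); one HMAC block covers length <= 32."""
    full = b"tls13 " + label
    info = (struct.pack("!H", length) + bytes([len(full)]) + full
            + bytes([len(context)]) + context)
    return hmac.new(secret, info + b"\x01", HASH).digest()[:length]

def derive_secret(secret, label, transcript):
    """Derive-Secret: the context is the hash of the handshake transcript so far."""
    return hkdf_expand_label(secret, label, HASH(transcript).digest(), HLEN)

def handshake_keys(shared_secret, transcript):
    """TLS 1.3 key schedule from the (EC)DHE secret to the handshake traffic keys."""
    early = hkdf_extract(b"", b"\x00" * HLEN)  # no pre-shared key in use
    hs = hkdf_extract(derive_secret(early, b"derived", b""), shared_secret)
    c_hs = derive_secret(hs, b"c hs traffic", transcript)
    s_hs = derive_secret(hs, b"s hs traffic", transcript)
    return {"client_key": hkdf_expand_label(c_hs, b"key", b"", 16),
            "server_key": hkdf_expand_label(s_hs, b"key", b"", 16)}

def simulate_handshake(transcript=b"ClientHello||ServerHello"):
    """Both endpoints reach identical keys; the shared secret never crosses the wire."""
    c_priv, c_pub = dh_keypair()
    s_priv, s_pub = dh_keypair()
    return (handshake_keys(dh_shared(c_priv, s_pub), transcript),
            handshake_keys(dh_shared(s_priv, c_pub), transcript))
```

Because the transcript hash feeds every derived secret, an attacker who alters any handshake message causes the two sides to derive different keys and the connection fails rather than silently downgrading.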

Example

When you visit your bank's website, TLS encrypts your login credentials and account details, preventing attackers on the same network from reading them.

Why it matters

TLS protects against eavesdropping, tampering, and impersonation. Modern versions like TLS 1.3 improve performance and remove outdated algorithms. Always disable SSLv3 and TLS 1.0/1.1.