Transport Layer Security (TLS)

Let's look into the Transport Layer Security (TLS) protocol.

The Transport Layer Security (TLS) protocol is a cryptographic protocol designed to provide secure communication over an insecure network.

It can provide confidentiality, authentication, and integrity.

It typically runs above a reliable transport layer protocol, such as TCP.

Note: However, equivalent protocols for unreliable transport layer protocols, such as DTLS, can work on top of UDP.

The sides participating in the communication are typically the client and the server, where the client is responsible for initiating the TLS connection.

Parts of TLS protocol

The TLS protocol has two main parts.

In the handshake part, the two sides negotiate the parameters to establish a connection.

In the data exchange part, the two sides can exchange data securely.

Modes of operation in TLS

TLS has different modes of operation depending on whether authentication needs to be performed and whether one or both sides need to be authenticated.

Note: When both sides are authenticated, this is commonly known as mutual TLS.

As a result, the workflow of the protocol will differ slightly. Here we will study the most common case, where only the server is authenticated. The following illustration shows the workflow in this case.

Get hands-on with 1400+ tech skills courses.