TLS is a security protocol mainly used to protect traffic between the web browser and websites via HTTPS.
It verifies who the sender and receiver are and ensures that the integrity of the data is protected by encryption. A padlock seen in the browser to the left of a website address means that the browser is establishing a secure connection with TLS.
Thanks to the secure connection, TLS creates a secure environment by protecting the traffic from attacks during information exchange. TLS 1.0 version is defined in RFC 2246, 1.2 version in RFC 5246, and 1.3 version in RFC 8846.
The server is the only device that guarantees its identity, but since it uses a PKI or public key infrastructure for clients for mutual authentication, client computers will not be authenticated.
This protocol prevents eavesdropping, does not alter the sender’s identity, avoids avoiding, and maintains the integrity of messages between a client and a server.
SSL/TLS has three basic stages: Negotiation, Authentication and Keys, and Secure Transmission.
Negotiation specifies cryptographic algorithms to be used to authenticate and encrypt information at both ends of the communication between client and server.
RSA, Diffie-Hellman, DSA (Digital Signature Algorithm) is used for public-key encryption, while RC2, RC4, IDEA (International Data Encryption Algorithm), DES (Data Encryption Standard), Triple DES or AES (Advanced Encryption Standard) are used for symmetric encryption. MD5 or SHA is used for hash functions.
In the Authentication and Keys stage, endpoints are verified through digital certificates, and keys are exchanged for encryption according to the negotiation structure.
In the Secure Transmission phase, encrypted and real information traffic for endpoints is initiated and transmitted.
TLS has cryptographic security, interoperability, extensibility, and efficiency features.
The purpose of cryptographic security is to establish a secure connection between the two parties. Interoperability ensures the exchange of cryptographic parameters between different applications.
Since cryptographic algorithms are computationally expensive, they have the ability to cache a session to reduce the number of sessions that need to be started from scratch using public-key encryption.
In a private connection, symmetric encryption algorithms are used to encrypt data, and keys are generated for each connection and have a private negotiation structure by another protocol. Also, it can be used without encryption.
A reliable connection has an integrity check for message transmission.
2. TLS Handshake Protocol
In TLS Handshake, the identity of the caller is authenticated using public-key cryptography, and this authentication can be optional but is usually applied to at least one of the callers. Shared private negotiation traffic is safe.
There are many implementations and types of the security protocol used today, as well as secure versions of programs using unused protocols. There are secure versions of protocols such as HTTP, NNTP, LDAP, IMAP, POP used in server and client devices.
For example, the definition of HTTP protocol over SSL/TLS is HTTPS. HTTPS protocol uses public-key certificates to authenticate endpoints and provides security to WWW pages for applications such as e-commerce or online education services.
Visa, MasterCard, American Express, and almost all major financial institutions use SSL for online business services. In addition, SMTP and SSH protocol provide a secure connection over SSL/TLS.
The versions of POP3 and IMAP4 used for secure transfer over secure SSL/TLS are POP3S and IMAPS. Additionally, SSL can be used to tunnel an entire network and create a virtual private network (VPN), as OpenVPN does.
OpenSSL is the most widely used open-source application and a project developed for free download by the open-source community. Supports SSL/TLS implementation of the system by offering a suite of security management tools and encryption libraries available for OpenSSH and web browsers.
What Is It Used For?
The main task of this encryption protocol is to protect e-mail traffic, however, it is widely used to securely protect web links with the WWW protocol and web pages with HTTP/HTTPS in conjunction with SSL.
It is used to protect data transfer between different applications or programs on personal computers or server-based systems. In situations requiring information exchange between a client and a server, it will depend on usage defined by the application developers.
How Does It Work?
When the browser wants to connect to the X website using the HTTPS protocol, its server sends a certificate containing its public key (encrypted) to the browser client.
The browser verifies the certificate and generates a symmetric key valid only for this session. The server decrypts the symmetric key with its private key and then sends the data encrypted with the symmetric session key to the client.
The browser decrypts the data with a symmetric session key, making it readable. Thus, TLS ensures that information is protected during data transfer and cannot be obtained by attackers.
TLS makes the data flow traffic between the sender and receiver more secure on the web. It can be ensured that data traffic is carried out not only on the web but also with 3rd party software installed on the operating systems of the user’s computers via TLS.
The security provided by the TLS can be costly and the data transmission rate can create a slow connection because operations such as certificate, random number, and key exchange are computationally difficult to do.