TLS and SSL
Transport Layer Security (TLS) protocol is the successor to the Secure Sockets Layer (SSL) protocol which has been prohibited from use by the Internet Engineering Task Force (IETF) due to its vulnerabilities to attacks.
They are both protocol suites that have been implemented to function as an additional layer of security between the transport layer and the application layer.
When a TLS/SSL protocol is implemented, HTTP (Hyper-text Transfer Protocol) becomes HTTPS – S for Secure.
The Handshake protocol of the TLS/SSL protocol suite is implemented to establish a secure communication session between the client and the server. Once the handshake process is finished, secure message exchange is available using a shared symmetric key.
Client->Server: “client hello” + list of supported cipher suites\n and TLS/SSL versions
Server->Client: “server hello” + ciper suite and TLS/SSL version\n chosen + digital certificate
Note left of Client: extract public key
Note left of Client: generate pre-master key*
Client->Server: encrypted pre-master key
Note right of Server: decrypt pre-master key
Note left of Client: generate shared secret**
Note right of Server: generate shared secret
Client->Server: test message encrypted with shared secret
Note right of Server: message decrypted
Server->Client: test message encrypted with shared secret
Note left of Client: message decrypted
Client->Server: “client finished”
Server->Client: “server finished”
Client–>Server: start secure message exchange
* pre-master key: used to generate a formatted shared secret
** shared secret: symmetric session key