Introduction to Encryption III – Overview of TLS/SSL Handshake

TLS and SSL


Transport Layer Security (TLS) protocol is the successor to the Secure Sockets Layer (SSL) protocol which has been prohibited from use by the Internet Engineering Task Force (IETF) due to its vulnerabilities to attacks.

They are both protocol suites that have been implemented to function as an additional layer of security between the transport layer and the application layer.

When a TLS/SSL protocol is implemented, HTTP (Hyper-text Transfer Protocol) becomes HTTPS – S for Secure.

TLS/SSL Handshake


The Handshake protocol of the TLS/SSL protocol suite is implemented to establish a secure communication session between the client and the server. Once the handshake process is finished, secure message exchange is available using a shared symmetric key.

participant Client
Client->Server: “client hello” + list of supported cipher suites\n and TLS/SSL versions
Server->Client: “server hello” + ciper suite and TLS/SSL version\n chosen + digital certificate
Note left of Client: extract public key
Note left of Client: generate pre-master key*
Client->Server: encrypted pre-master key
Note right of Server: decrypt pre-master key
Note left of Client: generate shared secret**
Note right of Server: generate shared secret
Client->Server: test message encrypted with shared secret
Note right of Server: message decrypted
Server->Client: test message encrypted with shared secret
Note left of Client: message decrypted
Client->Server: “client finished”
Server->Client: “server finished”
Client–>Server: start secure message exchange
Server–>Client:

* pre-master key: used to generate a formatted shared secret

** shared secret: symmetric session key

Leave a Reply

Your email address will not be published. Required fields are marked *