TLS/SSL Handshake

Vishnu Shivalal P
2 min readJan 8, 2023

What is TLS/SSL?

A TLS/SSL certificate is a certificate signed by a trusted CA (Certificate Authority). The TLS/SSL handshake is a process of establishing a secure connection between server and a client.

In TLS/SSL handshake protocol, the attacker can only see endpoints, but cannot read or modify the actual data. This protocol involve in the top 3 layers of OSI model and in TCP/IP model it belongs to application layer.

What is TLS?

TLS stands for Transport Layer Security. This is the latest industry standard cryptographic protocol. TLS is a successor to SSL (Secure Sockets Layer). This security standard is used to authenticate server and client and also it helps to encrypt data. The current version is TLS v1.3 and the older versions like TLS v1.1 & TLS v1.2 are more secure.

TLS/SSL Handshake Protocol Process

  1. The Client sends a request to the Server.
  2. The Server sends its public key to the Client along with its own SSL/TLS certificate.
  3. The Client’s browser checks and verifies whether the sent certificate is valid.
  4. The Client’s browser generates a randomly generated symmetric key and encrypts this symmetric key with the public key sent by the Server and sends it to the Server.
  5. The Server decrypts the encrypted symmetric key with the private key and the symmetric key is sent to the Server in a secure manner.
  6. From this stage onwards, the Server encrypts every data to be sent to the client’s browser using this symmetric key.
  7. Since the Client has this symmetric key, he decrypts the incoming encrypted data with the symmetric key and displays the page securely.

--

--

Vishnu Shivalal P

Cyber Security Engineer | Bug Hunter | Security Researcher | CTF Player | PenTester | Security Enthusiast | TryHackMe Top 1% www.linkedin.com/in/vishnushivalalp