TLS (transport layer security) is the secure communication protocol used by much of the internet. From the encrypted connection your web browser uses to connect to websites to the secure connections used by your banking apps, TLS is the industry standard and the reason you’re able to confidently transfer sensitive information online.
This guide breaks down what a TLS handshake is, how it works, and why it matters for network security: it ensures that your communications are private and are not intercepted or tampered with.
What is a TLS handshake?
TLS encryption is the standard cryptographic protocol used to secure network communications, including the data you send over the internet.
Before encrypted communication can occur, trust must be established between the two communicating parties (for example, the web server hosting a website and your web browser accessing it).
That’s what the TLS handshake does; it establishes a secure channel between the client and server by communicating which TLS versions and cipher suites are supported by both, authenticating the identity of the server using its public key and SSL certificate, and finally generating session keys that will be used to uniquely encrypt the connection.
TLS vs. SSL
TLS is the successor to SSL (Secure Sockets Layer), replacing it as the encryption protocol underpinning HTTPS (the secure HTTP protocol that delivers webpages to your browser and data to your apps). TLS is also used by other software that requires secure network communications, such as VPN solutions.
Cryptographic elements involved
TLS encryption relies on several cryptographic elements/concepts:
- The cipher suite: The cipher suite is the set of algorithms used to secure a TLS encrypted connection. Each suite contains a key exchange algorithm, bulk encryption algorithm, and a MAC (message authentication code) algorithm.
- Symmetric encryption: A single cryptographic key is used to secure the connection by both the server and client. Both parties must know what the key is, and no third party should know/be able to guess it, or the security of the connection is compromised.
- Asymmetric encryption: Also known as public key encryption, in this encryption method the server and client use separate private and public keys to encrypt data and secure the connection. The private key is required to decrypt data encrypted by the public key.
- Authentication: For a client to connect securely to a server (and not an impersonator), the server needs to be able to prove its identity beyond a doubt by authenticating.
TLS versions and compatibility
TLS 1.0 was released in 1999, TLS 1.1 was released in 2006, TLS 1.2 in 2008, and the latest TLS version 1.3 was released in 2018. Each release included significant improvements to security, including additional cipher suites and protection against new attacks.
Most servers support both TLS 1.3 and TLS 1.2 for backwards compatibility with older clients.
Step-by-step process of a TLS handshake
TLS 1.3 greatly streamlines and enhances the security of the handshake process over previous versions. Here’s the process used to secure a TLS 1.3 connection in detail:
- Client hello: The client sends a “hello” message to the server to initiate the TLS handshake and connection. This includes the TLS versions, cipher suites, key share method, and extensions it supports. It also includes the “client random”, which is random data that will be used to generate the master secret. In many cases, the premaster secret parameters can also be generated at this point, because the client can guess which key share method the server will use (often the case due to the reduced number of cipher suites supported by TLS 1.3), reducing the number of round-trips required for the client and the server.
- Master secret: The server selects a TLS version, cipher suite, and key share that is compatible with the client and generates its “server random”. Once the client and server have the client random, premaster secret, and server random, they can independently generate the same master secret.
- Server hello and asymmetric communication: The server responds to the client hello by sending the selected TLS version, cipher suite and the server SSL/TLS certificate containing its public key and certificate authority (CA). The client can verify the server’s identity with the CA.
- Session key generation: The client and server generate matching session keys from the master secret.
- “Finished” messages and symmetric communication: The client and server exchange “finished” messages containing the symmetric session key and a hash of the handshake process that has taken place to ensure that it has not been interfered with. The TLS handshake is completed once the “finished” messages have been decrypted and validated by both parties.
Once the TLS handshake has been completed, the connection can be used to securely transmit data using the symmetric session keys.
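The following added example (not part of the original guide) walks both sides through the steps above and shows why the “finished” check matters: when the client hello is altered in transit, the session keys still match but the handshake hashes do not. The toy Diffie-Hellman group, the HMAC-based `derive` function and the message layout are simplifying assumptions; real TLS 1.3 uses standardized groups and an HKDF key schedule.

```python
import hashlib
import hmac
import secrets

P, G = 2**127 - 1, 3  # toy Diffie-Hellman group (assumption; far too small for real use)

def pick(offered, supported):
    """Server-side choice: first client preference the server also supports."""
    return next((x for x in offered if x in supported), None)

def derive(secret, label, context=b""):
    # Simplified stand-in for the TLS key schedule (real TLS 1.3 uses HKDF).
    return hmac.new(secret, label + context, hashlib.sha256).digest()

def finished(master, transcript):
    # MAC over a hash of every handshake message this side saw.
    return derive(master, b"finished", hashlib.sha256(b"".join(transcript)).digest())

def handshake(tamper=False):
    # Client hello: offered versions, client random, and a key share sent up front.
    a = secrets.randbelow(P - 2) + 1
    c_rand = secrets.token_bytes(32)
    share_c = pow(G, a, P).to_bytes(16, "big")
    versions = ["TLS1.3", "TLS1.2"]
    sent = ",".join(versions).encode() + c_rand + share_c
    if tamper:  # constructed interference: the version offer is altered in transit
        versions = ["TLS1.2"]
    received = ",".join(versions).encode() + c_rand + share_c
    # Server hello: chosen version, server random, server key share.
    b = secrets.randbelow(P - 2) + 1
    s_rand = secrets.token_bytes(32)
    version = pick(versions, {"TLS1.3", "TLS1.2"})
    hello_s = version.encode() + s_rand + pow(G, b, P).to_bytes(16, "big")
    # Each side computes the premaster secret from its private value and the peer's share.
    pre_c = pow(int.from_bytes(hello_s[-16:], "big"), a, P).to_bytes(16, "big")
    pre_s = pow(int.from_bytes(share_c, "big"), b, P).to_bytes(16, "big")
    # Master secret from premaster secret plus both randoms, then session keys.
    master_c = derive(pre_c, b"master", c_rand + s_rand)
    master_s = derive(pre_s, b"master", c_rand + s_rand)
    keys_match = derive(master_c, b"session") == derive(master_s, b"session")
    # Finished: the client MACs what it sent, the server MACs what it received.
    ok = hmac.compare_digest(finished(master_c, [sent, hello_s]),
                             finished(master_s, [received, hello_s]))
    return version, keys_match, ok
```

`handshake()` returns the negotiated version, whether both sides derived the same session key, and whether the “finished” values agree; with `tamper=True` the last value is `False` even though the keys match.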
Troubleshooting TLS handshake issues
The most common cause of TLS handshake issues is the time being set incorrectly on the server or client (an easy fix). Out-of-date CAs on the client are also a potential cause if your operating system hasn’t been updated in a while.
On the server side, TLS connections will fail if there are no mutually supported TLS versions or cipher suites, or if the SSL/TLS certificate has been revoked by the CA, expired, or if the hostname of the server doesn’t match the one on the certificate.
If you have network connectivity issues or are connecting to a slow server, TLS handshakes may fail if they time out due to latency.
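As an added example (not from the original guide), the checks below reproduce the locally verifiable causes listed above: clock or validity-period problems, a hostname mismatch, and no shared TLS version. The certificate dictionary is constructed sample data in the shape returned by Python's `ssl.SSLSocket.getpeercert()`; the function names and cause codes are hypothetical, and revocation is not covered because it requires contacting the CA.

```python
import ssl
from datetime import datetime, timezone

def hostname_matches(hostname, cert):
    """Compare the hostname with the certificate's DNS names (one left-most wildcard label)."""
    host = hostname.lower().rstrip(".")
    for kind, name in cert.get("subjectAltName", ()):
        if kind != "DNS":
            continue
        name = name.lower()
        if name == host:
            return True
        # "*.example.test" covers "www.example.test" but not "a.b.example.test".
        if name.startswith("*.") and "." in host and host.split(".", 1)[1] == name[2:]:
            return True
    return False

def diagnose(cert, hostname, now, client_versions, server_versions):
    """Return a list of likely handshake failure causes (empty list means none found)."""
    causes = []
    ts = now.timestamp()
    if ts < ssl.cert_time_to_seconds(cert["notBefore"]):
        causes.append("not_yet_valid_or_clock_behind")
    if ts > ssl.cert_time_to_seconds(cert["notAfter"]):
        causes.append("expired_or_clock_ahead")
    if not hostname_matches(hostname, cert):
        causes.append("hostname_mismatch")
    if not set(client_versions) & set(server_versions):
        causes.append("no_common_tls_version")
    return causes

SAMPLE_CERT = {  # constructed sample, not a real certificate
    "notBefore": "Jan  1 00:00:00 2024 GMT",
    "notAfter": "Jan  1 00:00:00 2025 GMT",
    "subjectAltName": (("DNS", "example.test"), ("DNS", "*.example.test")),
}
```

A client whose clock has reset to an early date reports `not_yet_valid_or_clock_behind` against a perfectly good certificate, which is why checking the system time comes first.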
Secure communication protocols aren’t completely safe
TLS underpins the network security of pretty much everything happening online at the moment. However, just because it can securely transmit data (after the all-important TLS handshake) doesn’t mean what it securely transmits isn’t harmful.
Just because you have a secure connection to a website doesn’t mean that it can’t host a virus, so you should stick to downloading software from reputable websites (or even better, official app stores), and if you’re running a business, protect and secure your infrastructure with robust endpoint management.