TLS (Transport Layer Security) is a security protocol that is used to establish a secure communication channel between two systems, typically a web server and a web client (such as a web browser).
Here is a high-level overview of how the TLS Handshake works:
- The client sends a “ClientHello” message to the server, which includes a list of supported cryptographic protocols and a random number called the client random.
- The server responds with a “ServerHello” message, which includes the selected cryptographic protocol and a random number called the server random. It also includes the server’s digital certificate, which is used to establish the server’s identity.
- The client verifies the server’s certificate and generates a session key, which is used to encrypt the rest of the communication. The client sends the session key to the server, encrypted with the server’s public key.
- The server uses its private key to decrypt the session key, and both client and server are now able to communicate securely using the session key.
- The server will send a “ServerHelloDone” message to the client indicating that the handshake is complete.
- Finally, the client will send a “ClientHelloDone” message.
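
The first step above can be inspected directly on the wire. This added example (not part of the original page) parses a ClientHello record to recover the client random and the offered list, which TLS encodes as cipher suite code points. It assumes the TLS 1.2 record layout; the function names and the sample record are constructed for illustration.

```python
import struct

# A few IANA-registered cipher suite code points; unknown ones are shown as hex.
SUITES = {
    0x002F: "TLS_RSA_WITH_AES_128_CBC_SHA",
    0x009C: "TLS_RSA_WITH_AES_128_GCM_SHA256",
    0xC02F: "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256",
}

def build_sample_client_hello(client_random, suites):
    """Constructed sample: a minimal TLS 1.2 ClientHello with no extensions."""
    body = b"\x03\x03" + client_random           # client_version, 32-byte random
    body += b"\x00"                               # empty session_id
    body += struct.pack("!H", 2 * len(suites))    # cipher_suites length in bytes
    body += b"".join(struct.pack("!H", s) for s in suites)
    body += b"\x01\x00"                           # one compression method: null
    handshake = b"\x01" + len(body).to_bytes(3, "big") + body  # type 1 = ClientHello
    return b"\x16\x03\x01" + struct.pack("!H", len(handshake)) + handshake

def parse_client_hello(record):
    """Return version, client random and offered cipher suites from one record."""
    if len(record) < 5:
        raise ValueError("truncated record header")
    content_type, _, rec_len = struct.unpack("!BHH", record[:5])
    hs = record[5:5 + rec_len]
    if content_type != 0x16 or len(hs) != rec_len or rec_len < 4:
        raise ValueError("not a complete handshake record")
    body_len = int.from_bytes(hs[1:4], "big")
    body = hs[4:4 + body_len]
    if hs[0] != 0x01 or len(body) != body_len:
        raise ValueError("not a complete ClientHello")
    try:
        (version,) = struct.unpack("!H", body[:2])
        client_random = body[2:34]
        pos = 35 + body[34]                       # skip the variable-length session_id
        (cs_len,) = struct.unpack("!H", body[pos:pos + 2])
        raw = body[pos + 2:pos + 2 + cs_len]
        codes = struct.unpack("!%dH" % (cs_len // 2), raw)
    except (IndexError, struct.error):
        raise ValueError("malformed ClientHello") from None
    return {
        "version": version,
        "client_random": client_random,
        "cipher_suites": [SUITES.get(c, hex(c)) for c in codes],
    }

if __name__ == "__main__":
    sample = build_sample_client_hello(bytes(range(32)), [0xC02F, 0x009C, 0x002F])
    print(parse_client_hello(sample))
```
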
During the communication, the data is encrypted using the session key, and integrity is maintained by using a message authentication code (MAC) to verify that the message has not been tampered with. The encryption and integrity verification performed with the session key is called symmetric encryption.
This process, called the TLS Handshake, helps to establish an encrypted, authenticated connection between the two systems, ensuring that the data exchanged between them is private and cannot be tampered with.