TLS – Transport Layer Security

Transport Layer Security (TLS) is a protocol that provides communication security for networks.

TLS allows communications across a network in a way that prevents tampering and eavesdropping on the data being transmitted. The communications are encrypted at the transport layer on each end of the communication, hence the name Transport Layer Security. TLS is based on the earlier SSL 3.0 (Secure Sockets Layer) specification.

TLS is most commonly used in internet browsers, where the authentication is only one-way: the web server is authenticated, but not the user’s browser.

When a TLS connection is first established, the client and server exchange codes to negotiate three algorithms:

  • Key exchange and authentication algorithm to use during the handshake
  • Encryption algorithm to encipher the data, such as AES
  • Message Authentication Code to create the cryptographic hash of each block of the message
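
The three negotiated algorithms are visible in the name of the cipher suite the two sides agree on. The following Python sketch is an added example, not part of the original page: it splits IANA-style suite names into those three parts and flags weak components. The `WEAK` policy and the sample suite list are constructed for illustration, and the handling of TLS 1.3 and AEAD names goes beyond the three-item list above.

```python
HASHES = {"MD5": "MD5", "SHA": "SHA1", "SHA256": "SHA256", "SHA384": "SHA384"}
AEAD_MODES = {"GCM", "CCM", "POLY1305"}
# Constructed policy for this example: name tokens commonly treated as weak.
WEAK = {"NULL", "EXPORT", "anon", "RC4", "DES", "DES40", "3DES", "MD5"}


def parse_suite(name):
    """Return key exchange/authentication, encryption and MAC for one suite."""
    if not name.startswith("TLS_"):
        raise ValueError(f"not an IANA TLS cipher-suite name: {name!r}")
    body = name[len("TLS_"):]
    # TLS 1.3 names have no "_WITH_": key exchange is negotiated separately.
    kx_auth, sep, rest = body.partition("_WITH_")
    if not sep:
        kx_auth, rest = None, body
    tokens = rest.split("_")
    digest = HASHES.get(tokens[-1])
    tokens = tokens[:-1] if digest else tokens
    if any(t in AEAD_MODES for t in tokens):
        # AEAD ciphers authenticate records themselves; the hash is for key derivation.
        mac = "AEAD"
    else:
        mac = f"HMAC-{digest}" if digest else None
    return {
        "key_exchange_auth": kx_auth,
        "encryption": "_".join(tokens),
        "mac": mac,
        "weak": sorted(set(name.split("_")) & WEAK),
    }


def audit(names):
    """Map each suite containing a weak component to the offending tokens."""
    parsed = {n: parse_suite(n)["weak"] for n in names}
    return {n: weak for n, weak in parsed.items() if weak}


# Constructed sample: suites a server might be configured to offer.
SAMPLE = [
    "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256",
    "TLS_RSA_WITH_RC4_128_MD5",
    "TLS_DH_anon_WITH_AES_128_CBC_SHA",
    "TLS_AES_128_GCM_SHA256",
]

if __name__ == "__main__":
    for suite in SAMPLE:
        print(suite, parse_suite(suite))
    print("weak:", audit(SAMPLE))
```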