TLS

TLS (Transport Layer Security) is the cryptographic protocol that secures communications over the internet. It is the successor to SSL (Secure Sockets Layer) and is what powers HTTPS connections today. Despite the terminology, the terms "SSL" and "SSL/TLS" are often used interchangeably in everyday conversation.

TLS vs SSL

SSL was the original security protocol developed by Netscape in the 1990s. It had several serious vulnerabilities (POODLE, DROWN) and has been deprecated. TLS 1.0 and 1.1 are also deprecated. The current standards are TLS 1.2 and TLS 1.3.

What TLS Does

• Authentication — Verifies the server's identity via a digital certificate.
• Confidentiality — Encrypts data so only the intended recipient can read it.
• Integrity — Ensures data has not been altered in transit using message authentication codes (MACs).

The TLS Handshake

Before encrypted communication begins, the client and server perform a handshake:

1. Client sends supported TLS versions and cipher suites.
2. Server selects a cipher suite and sends its certificate.
3. Client verifies the certificate against trusted Certificate Authorities.
4. Both parties derive a shared session key.
5. Encrypted communication begins.

TLS 1.3 Improvements

TLS 1.3 (2018) reduced the handshake from 2 round trips to 1, removed weak cipher suites and added 0-RTT (Zero Round Trip Time Resumption) for returning visitors — making secure connections faster than ever.