TLS is the protocol for encrypting the information during transporting them via the Internet. To connect the client and the server to use TLS protocol and set up the secure connection between them the below steps need to be done (we can call it as TLS handshake):
- The client sends ‘Hello’ message to the server. The message contains the information about which versions of TLS or SSL protocols and which cryptographic alghoritms are supported by the client.
- The server responds with ‘Hello’ message which contains:
- the information which alghoritm was chosen by the server,
- session ID,
- server’s digital certificate,
- public key.
- The client checks the certificate with the certificate authority - then the client is sure that it can trust the server.
- The client sends to the server a random string encrypted with the public key which got from the server. This random string we can call ‘shared key’.
- The client sends ‘finished’ message to the server. The message is encrypted with the shared key.
- The server sends ‘finished’ message to the client. The message is encrypted with the shared key too.
After that handshake, the client and server can communicate with each other securely. The picture below shows the flow of messages. The next messages between the client and the server are encrypted with the shared key.
Thank you for visiting my website. I hope you enjoyed content which I prepared and learned something valuable from it. If you want to be informed about my next entries or occasionally get a message with a collection of some interesting links, please subscribe to my newsletter. I will be extremely pleased if you do this and join my community!