Introduction
Hello Ninjas, we are back with another article on cryptography: Transport Layer Security.

What is Cryptography?
Cryptography is the art of protecting data and information by converting it into an unreadable format and later converting it back to its original form. Cryptography allows you to store sensitive information such as passwords and addresses, or send it through insecure networks like the Internet.
This approach is used for encryption key generation, data privacy verification, digital signatures, and private communications, including banking transactions and email. It uses codes to protect the data from attacks so that it is readable only by those for whom it is intended.

Cryptographic protocols provide secure, private connections, enabling two parties/users to communicate with security and data integrity. The Transport Layer Security (TLS) protocol evolved from the Secure Sockets Layer (SSL) protocol. TLS provides integrity, authenticity, and security through the use of cryptography.
Moving forward, let's discuss what Transport Layer Security is.
Transport Layer Security (TLS)
Transport Layer Security (TLS) is a security protocol that encrypts the communication between two parties or between applications and servers. TLS encrypts the data exchanged over the Internet, ensuring that hackers or third parties cannot see the private information transmitted by the user, such as passwords and personal correspondence.
Transport Layer Security (TLS) is the successor of the Secure Socket Layer (SSL); both are security protocols, and the names are sometimes used interchangeably.
It is needed to provide security in the transport layer.
TLS is usually implemented on top of TCP (Transmission Control Protocol), where it encrypts Application Layer protocols such as FTP, SMTP, and HTTP. However, it can also be implemented on DCCP, UDP, and SCTP.
The Internet Engineering Task Force (IETF), an international standards organization, proposed Transport Layer Security (TLS).
What does TLS do?
The three main components of TLS are Authentication, Encryption, and Integrity.
- Authentication: It authenticates the identity of the parties exchanging the information.
- Encryption: It hides the transmitted data from third parties.
- Integrity: It verifies that the data has not been altered or tampered with.
TLS does not secure data everywhere on the computer network. Its priority is to ensure confidentiality and secure delivery of data over the network via the Internet, without any alteration or corruption of the content.
Now before moving on to the working of the TLS, let's see what SSL is.
Secure Socket Layer(SSL)
Secure Socket Layer was developed by Netscape in 1995. SSL is used to provide security and privacy for communication. To provide strong privacy, it encrypts the data between a server and a client, which means that if any third party tries to see the information, they will only see a set of characters that is difficult to decrypt.
SSL initiates a communication process called a handshake between two communicating devices to ensure both of them are really who they claim to be.
TLS uses this protocol to establish the connection between the client and the server.
Let's move on to the working of Transport Layer Security (TLS).
Working of TLS
TLS uses a mechanism known as the client-server handshake. It is used to establish an encrypted and secure connection and to ensure the authenticity of the communication. Whenever a user visits a website, a TLS handshake starts between the client and the web server. Let's break the process down into phases:
In phase 1:
- At the very start, the client and server get familiarized through a hello signal from each side.
- The client sends a session ID, cipher ID, etc.
- The server returns an encryption algorithm chosen from the cipher suite and a compression algorithm, both taken from what the client sent in its hello signal.

In phase 2:
- The web server must send its authentication certificate and request client authentication for security purposes.
- Along with the authentication certificate, the server also sends its public encryption key.
- Finally, the phase ends with a 'server hello done' message.
- Once the server sends its public key, the client can use it to encrypt its own secret key, which will be used to encrypt the data being communicated or exchanged between the client and the server.

In phase 3:
- In this phase, the client sends its authentication certificate after verifying the server's certificate with the respective Certificate Authorities (CA).
- The client also sends a secret key that is encrypted using the public key sent by the server previously.

In phase 4:
- In the last phase, the client sends two cipher functions, a 'status' and a 'finished' message, to end the handshake process from its side.
- The web server also sends the status of the cipher algorithms.
- The data is encrypted with the symmetric key the client sent in phase 3.

At the end of phase 4, the authentication is complete, and authenticity is maintained between the client and server during the entire process.
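The following added example (not part of the original article) goes a step beyond the page: it shows how the secret from phase 3 becomes shared key material and how the phase 4 'finished' message lets the server detect a handshake that was altered in transit. It uses the TLS 1.2 PRF from RFC 5246, which the page does not name; the message strings and random values are constructed simplifications, and the RSA encryption of the secret is assumed rather than performed.

```python
import hashlib
import hmac

def tls12_prf(secret: bytes, label: bytes, seed: bytes, length: int) -> bytes:
    """TLS 1.2 PRF (RFC 5246, section 5): P_SHA256(secret, label + seed)."""
    seed = label + seed
    a = seed                                                   # A(0)
    out = b""
    while len(out) < length:
        a = hmac.new(secret, a, hashlib.sha256).digest()       # A(i)
        out += hmac.new(secret, a + seed, hashlib.sha256).digest()
    return out[:length]

def master_secret(pre_master: bytes, client_random: bytes, server_random: bytes) -> bytes:
    """48-byte master secret derived from the secret the client sent in phase 3."""
    return tls12_prf(pre_master, b"master secret", client_random + server_random, 48)

def finished_verify_data(master: bytes, label: bytes, transcript: list[bytes]) -> bytes:
    """12-byte 'finished' value: a keyed digest over every handshake message so far."""
    digest = hashlib.sha256(b"".join(transcript)).digest()
    return tls12_prf(master, label, digest, 12)

def run_handshake(tamper: bool = False) -> bool:
    """Return True when the server accepts the client's 'finished' message."""
    # Constructed sample values; a real client draws these from a CSPRNG.
    client_random, server_random = b"\x01" * 32, b"\x02" * 32
    pre_master = b"\x03\x03" + b"\x5a" * 46    # phase 3 secret, assumed sent RSA-encrypted
    client_hello = b"ClientHello|suites=AES256-GCM,AES128-GCM"
    server_hello = b"ServerHello|suite=AES256-GCM"
    rest = [b"Certificate", b"ServerHelloDone", b"ClientKeyExchange"]

    # The server's view of the offer; with tamper=True it was rewritten in transit.
    seen_hello = b"ClientHello|suites=AES128-GCM" if tamper else client_hello

    # Both sides derive the same master secret independently.
    client_ms = master_secret(pre_master, client_random, server_random)
    server_ms = master_secret(pre_master, client_random, server_random)

    # Phase 4: the client authenticates its transcript, the server recomputes over its own.
    sent = finished_verify_data(client_ms, b"client finished",
                                [client_hello, server_hello] + rest)
    expected = finished_verify_data(server_ms, b"client finished",
                                    [seen_hello, server_hello] + rest)
    return hmac.compare_digest(sent, expected)

if __name__ == "__main__":
    print("untouched handshake accepted:", run_handshake())
    print("tampered handshake accepted:", run_handshake(tamper=True))
```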

Benefits of TLS
The benefits of TLS are as follows:
- TLS provides a secure authentication mechanism.
- TLS offers special auditing and logging capabilities built directly into the protocol.
- TLS controls the data transmitted and received on an encrypted session.
- TLS should be used for applications like instant messaging, e-mail, file sharing, audio/video conferencing, and Internet services.
- TLS is easy to use as it is implemented beneath the application layer, so most of the operations are invisible to the client (this is what the application layer does).