SSL (Secure Sockets Layer) and TLS (Transport Layer Security) are cryptographic protocols that provide security over a network. TLS is the successor to SSL and is more secure, providing stronger privacy and data integrity.
When does a TLS handshake occur?
Every SSL/TLS connection commences with a “handshake”: the negotiation between the two parties that defines how they will proceed. It is used between a web client and a server to establish trust and then to negotiate which secret key should be used to encrypt and decrypt the conversation.
A TLS handshake takes place whenever a user navigates to a website over HTTPS and the browser first begins to query the website’s origin server.
The handshake determines which cipher suite will be used to encrypt the information, authenticates the server, and establishes that a secure connection is in place before the actual transfer of data begins. This all happens in the background; every time you direct your browser to a secure site, a complex interaction takes place to make sure that your data is safe.
Let us now see how the SSL/TLS handshake takes place:
Step 1 - Client says Hello
The client initiates the handshake by sending a “hello” message to the server. The message includes the TLS versions the client supports, the cipher suites it supports, and a random string of bytes (the client random).
Step 2 - Server says Hello
In reply to the client hello message, the server sends a message containing the server’s SSL certificate, the server’s chosen cipher suite, and another random string of bytes (the server random).
Step 3 - Certificate Authority
The client verifies the server’s SSL certificate by checking that it was issued (signed) by a certificate authority the client trusts. This confirms that the client is interacting with the actual owner of the domain.
Step 4 - Client Key Exchange
The client sends one more random string of bytes, the “premaster secret.” The premaster secret is encrypted with the server’s public key and can only be decrypted by the server with its private key. (The client gets the public key from the server’s SSL certificate.)
Step 5 - Private key used
The server decrypts the premaster secret with its private key.
Step 6 - Session keys created
Both client and server generate session keys from the premaster secret, the client random, and the server random. Because both sides compute from the same inputs, they arrive at the same keys.
Step 7 - Finished (Client)
The client sends a “finished” message that is encrypted with a session key.
Step 8 - Finished (Server)
The server sends a “finished” message encrypted with a session key.
The handshake is completed, and communication continues using the session keys.
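The following Python program is an added worked example (not code from the original article) that models the handshake steps above for a TLS 1.2 RSA key exchange. It implements the negotiation of Steps 1 and 2, the key derivation of Step 6 and the "finished" messages of Steps 7 and 8 using the real TLS 1.2 pseudo-random function from RFC 5246 (HMAC-SHA256 based, as used by cipher suites ending in SHA256). Certificate validation (Step 3) and the RSA encryption of the premaster secret (Steps 4 and 5) are not modelled: the premaster secret is handed to the server function directly, standing in for the value it would recover by decryption. The cipher suite lists, the transcript bytes and the key-block layout (which assumes the AES-128-GCM suite) are constructed sample values.

```python
"""Model of the TLS 1.2 RSA-key-exchange handshake: negotiation, key derivation, Finished.

Added example; the PRF and key-derivation formulas follow RFC 5246, everything else
(suite lists, transcript, helper names) is constructed for illustration.
"""
import hashlib
import hmac
import os

TLS_1_2 = bytes([3, 3])  # TLS 1.2 is version 3.3 on the wire

# Only the suite whose key-block layout this example models (assumption: AES-128-GCM,
# two 16-byte write keys plus two 4-byte implicit IVs = 40 bytes of key block).
MODELLED_SUITE = "TLS_RSA_WITH_AES_128_GCM_SHA256"


def p_sha256(secret: bytes, seed: bytes, length: int) -> bytes:
    """P_SHA256 data-expansion function from RFC 5246 section 5."""
    out = b""
    a = seed  # A(0) = seed
    while len(out) < length:
        a = hmac.new(secret, a, hashlib.sha256).digest()  # A(i) = HMAC(secret, A(i-1))
        out += hmac.new(secret, a + seed, hashlib.sha256).digest()
    return out[:length]


def prf(secret: bytes, label: bytes, seed: bytes, length: int) -> bytes:
    """TLS 1.2 PRF: P_SHA256(secret, label + seed)."""
    return p_sha256(secret, label + seed, length)


def choose_cipher_suite(client_offered, server_preference):
    """Step 2: the server picks the first suite in its own preference order that the client offered."""
    for suite in server_preference:
        if suite in client_offered:
            return suite
    raise ValueError("no common cipher suite: handshake fails")


def derive_keys(premaster: bytes, client_random: bytes, server_random: bytes):
    """Step 6: master secret (RFC 5246 8.1) and key block (RFC 5246 6.3) from the three shared inputs."""
    master = prf(premaster, b"master secret", client_random + server_random, 48)
    key_block = prf(master, b"key expansion", server_random + client_random, 40)
    keys = {
        "client_write_key": key_block[0:16],
        "server_write_key": key_block[16:32],
        "client_write_iv": key_block[32:36],
        "server_write_iv": key_block[36:40],
    }
    return master, keys


def finished_verify_data(master: bytes, label: bytes, transcript: bytes) -> bytes:
    """Steps 7-8: verify_data = PRF(master_secret, label, Hash(handshake_messages))[0:12]."""
    return prf(master, label, hashlib.sha256(transcript).digest(), 12)


def run_handshake(client_suites, server_suites, premaster=None):
    """Run both sides of the modelled handshake and report whether they agree."""
    # Step 1: ClientHello carries the supported version, offered suites and a 32-byte client random.
    client_random = os.urandom(32)
    # Step 2: ServerHello carries the chosen suite and a 32-byte server random.
    chosen = choose_cipher_suite(client_suites, server_suites)
    if chosen != MODELLED_SUITE:
        raise ValueError(f"this example only models {MODELLED_SUITE}")
    server_random = os.urandom(32)
    # Step 4: premaster secret = 2 version bytes + 46 random bytes (RFC 5246 7.4.7.1).
    if premaster is None:
        premaster = TLS_1_2 + os.urandom(46)
    # Steps 5-6: each side derives independently; the server's copy stands in for the decrypted value.
    client_master, client_keys = derive_keys(premaster, client_random, server_random)
    server_master, server_keys = derive_keys(premaster, client_random, server_random)
    # Steps 7-8: constructed transcript of the hello messages; Finished proves both sides share
    # the master secret and saw the same transcript (tampering with either breaks the check).
    transcript = b"ClientHello" + client_random + b"ServerHello" + server_random + chosen.encode()
    client_finished = finished_verify_data(client_master, b"client finished", transcript)
    server_recomputed = finished_verify_data(server_master, b"client finished", transcript)
    server_finished = finished_verify_data(server_master, b"server finished", transcript + client_finished)
    return {
        "cipher_suite": chosen,
        "keys_match": client_keys == server_keys,
        "client_finished_ok": hmac.compare_digest(client_finished, server_recomputed),
        "client_keys": client_keys,
        "server_finished": server_finished,
    }


if __name__ == "__main__":
    result = run_handshake(
        [MODELLED_SUITE, "TLS_RSA_WITH_3DES_EDE_CBC_SHA"],          # constructed client offer
        ["TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256", MODELLED_SUITE],  # constructed server preference
    )
    print("negotiated:", result["cipher_suite"])
    print("session keys agree:", result["keys_match"], "| client Finished verified:", result["client_finished_ok"])
```

The server-side recomputation of the client's verify_data is the check that matters in practice: a mismatch means the peer either holds a different master secret or saw a different sequence of handshake messages, and the connection must be torn down rather than proceeding to application data.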