TechTarget.com/searchsecurity

https://www.techtarget.com/searchsecurity/definition/Transport-Layer-Security-TLS

What is TLS (Transport Layer Security)? Definition & Uses

By Scott Robinson

What is TLS?

Transport Layer Security (TLS) is an Internet Engineering Task Force (IETF) standard protocol that provides authentication, privacy and data integrity between two communicating computer applications.

TLS is the most widely deployed security protocol in use today and is best suited for web browsers and other applications that require data to be securely exchanged over a network. This includes web browsing sessions, file transfers, virtual private network connections, remote desktop sessions and voice over IP (VoIP). TLS is also integrated into modern cellular transport technologies, including 5G, to protect core network functions throughout the radio access network.

How does Transport Layer Security work?

TLS uses a client-server handshake mechanism to establish an encrypted and secure connection and ensure the communication's authenticity. The following is a breakdown of the process:

  1. Communicating devices exchange encryption capabilities.
  2. An authentication process occurs using digital certificates to help prove the server is the entity it claims to be.
  3. A session key exchange occurs. During this process, the client and server agree on a key that ties the secure session to those two endpoints -- and not to something in the middle attempting to hijack the conversation.

TLS uses a public key exchange process to establish a shared secret between the communicating devices. The two handshake methods are the Rivest-Shamir-Adleman (RSA) key exchange and the Diffie-Hellman key exchange. Both produce a shared secret from which the session keys are derived, so the communication can't be hijacked. TLS 1.3 keeps only ephemeral (elliptic curve) Diffie-Hellman, because RSA key exchange can't provide forward secrecy. Once the keys are exchanged, data transmissions between devices on the encrypted session can begin.

What is an SSL certificate?

A Secure Sockets Layer (SSL) certificate is a digital certificate that authenticates a website's identity and enables encrypted communication with the site. SSL is the predecessor to TLS, and the name has stuck even though such certificates now secure TLS connections. The certificate underpins the encrypted link between the user's browser and the web server hosting the website.

What is a CA?

A certificate authority (CA) issues digital certificates that bind a public key to the identity of whoever holds the certificate. It's essentially a trusted third party between the owner of the SSL certificate and the user who must rely on its authenticity.

The CA validates the identities of companies, individuals, websites and email accounts -- or any other entity that requires that validation -- and binds them to cryptographic keys via the certificate. The certificate provides authentication of identity, encryption of connections over the internet and the integrity of documents signed via the certificate.

History and development of TLS

TLS evolved from Netscape Communications Corp.'s SSL protocol and has largely superseded it, although the terms SSL or SSL/TLS are still sometimes used interchangeably. IETF officially took over the SSL protocol to standardize it with an open process and released version 3.1 of SSL in 1999 as TLS 1.0. The protocol was renamed TLS to avoid legal issues with Netscape, which developed the SSL protocol as a key part of its original web browser.

According to the protocol specification, TLS is composed of two layers: the TLS record protocol and the TLS handshake protocol. The record protocol provides connection security, while the handshake protocol enables the server and client to authenticate each other and to negotiate encryption algorithms and cryptographic keys before any application data is exchanged.

The most current version of TLS, 1.3, was officially finalized by IETF in 2018. Its primary benefit over previous versions of the protocol is that more of the handshake itself is encrypted. While earlier TLS versions offer encryption as well, TLS 1.3 establishes an encrypted session earlier in the handshake process. Additionally, the number of steps required to complete a handshake is reduced, substantially lowering the time it takes to complete a handshake and begin transmitting or receiving data between the client and server.

Another enhancement of TLS 1.3 is that several cryptographic algorithms used to encrypt data were removed, as they were deemed obsolete and weren't recommended for secure transport. Additionally, some once-optional security features are now required. For example, Message-Digest Algorithm 5 (MD5) cryptographic hashes are no longer supported, perfect forward secrecy is required and Rivest Cipher 4 (RC4) negotiation is prohibited. This eliminates the chance that a session negotiated as TLS 1.3 uses a known-insecure encryption algorithm or method.

The benefits of Transport Layer Security

The benefits of TLS are straightforward when comparing using versus not using TLS. As noted above, a TLS-encrypted session provides a secure authentication mechanism, data encryption and data integrity checks. However, when comparing TLS to another secure authentication and encryption protocol suite, such as IP Security (IPsec), TLS offers added benefits, which is why IPsec is being replaced with TLS in many enterprise deployment situations. These include benefits such as the following:

The challenges of TLS

There are a few drawbacks to consider, both when not using secure authentication or encryption at all and when deciding between TLS and other security protocols, such as IPsec. The following are a few examples:

Differences between TLS and SSL

As mentioned previously, SSL is the precursor to TLS. Thus, most of the differences between the two are evolutionary, as the protocol adjusts to address vulnerabilities and improve implementation and integration capabilities.

Key differences between SSL and TLS that make TLS a more secure and efficient protocol are message authentication, key material generation and the supported cipher suites, with TLS supporting newer and more secure algorithms. TLS and SSL aren't interoperable, though TLS currently provides some backward compatibility to work with legacy systems. Additionally, TLS -- especially later versions -- completes the handshake process much faster than SSL, so end users notice lower communication latency.

What's the difference between TLS and HTTPS?

This is almost a trick question, but it's useful to understand how the pieces fit together. TLS is, abstractly, a security protocol that sits between the web browser and the web server. It is somewhat common to think that TLS and HTTPS are interchangeable because HTTPS -- also a protocol -- is, in fact, a combination of the two: HTTP carried over a TLS connection. Put another way, if a website uses HTTPS, it's using TLS encryption -- technically, a TLS connection.

Attacks against TLS/SSL

Implementation flaws have always been a big problem with encryption technologies, and TLS is no exception. Even though TLS/SSL communications are considered highly secure, there have been instances where vulnerabilities were discovered and exploited. However, remember that the examples mentioned below were vulnerabilities in TLS version 1.2 and earlier. All known vulnerabilities against prior versions of TLS, such as Browser Exploit Against SSL/TLS (BEAST), Compression Ratio Info-leak Made Easy (CRIME) and protocol downgrade attacks, have been eliminated through TLS version updates -- provided the endpoints no longer negotiate those older versions. Examples of significant attacks or incidents include the following:

How does TLS affect web application performance?

When a TLS connection springs to life between a web browser and a web server, some computing power and a few round trips of messages are spent setting it up before any application data flows. The handshake takes just a few milliseconds.

Once the TLS handshake has occurred, supporting technologies keep TLS running quickly: TLS False Start, which allows the web server and client to begin sending and receiving data before the handshake completes, and TLS Session Resumption, which uses an abbreviated handshake when a previously established session is resumed. TLS 1.3 completes the full handshake in a single round trip between server and client.

How do I check if a website is using TLS encryption?

Several free TLS checker tools are available to test whether a TLS connection is in place between a web browser and a web server. One example is SSL Server Test from Qualys. Browsers, including Microsoft Edge and Firefox, also include tools to check a website's TLS version. It's also easy to check a web browser's supported TLS versions using SSL/TLS Client Test from BrowserLeaks.
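The TLS 1.3 removals described earlier (RC4, MD5, RSA key exchange without forward secrecy) and the checker tools mentioned here can both be exercised from a small client-side script. The following is an added example, not code from the article: it builds a Python `ssl` context that refuses pre-1.2 versions, RSA key transport, RC4, MD5 and TLS-level compression (the CRIME vector), reports any enabled suite that breaks those rules, and, given network access, connects to a host to report the negotiated version and cipher suite. The cipher string and the host name `example.com` are assumptions chosen for the example.

```python
import socket
import ssl


def hardened_client_context() -> ssl.SSLContext:
    """Client context that refuses TLS 1.0/1.1, RSA key transport, RC4, MD5
    and TLS compression. TLS 1.3 suites are always forward-secret and are
    kept by OpenSSL regardless of the cipher string below."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    ctx.minimum_version = ssl.TLSVersion.TLSv1_2
    # Assumed cipher string: only authenticated (EC)DHE key exchange with AEAD
    # ciphers, so every TLS 1.2 suite left gives forward secrecy.
    ctx.set_ciphers("ECDHE+AESGCM:ECDHE+CHACHA20:DHE+AESGCM")
    ctx.options |= ssl.OP_NO_COMPRESSION          # closes the CRIME vector
    ctx.check_hostname = True                     # already the default here
    ctx.verify_mode = ssl.CERT_REQUIRED           # stated explicitly anyway
    ctx.load_default_certs()                      # trust the system CA store
    return ctx


def weak_suites(ctx: ssl.SSLContext) -> list:
    """Names of enabled suites that TLS 1.3 threw out: RSA key transport (no
    forward secrecy), RC4 or MD5. An empty list means the context is clean."""
    bad = []
    for c in ctx.get_ciphers():
        name = c["name"]
        # Forward-secret suites are ECDHE-*, DHE-* or the TLS 1.3 TLS_* names.
        no_pfs = c["kea"] == "kx-rsa" or not name.startswith(("ECDHE-", "DHE-", "TLS_"))
        if no_pfs or "RC4" in name or "MD5" in name:
            bad.append(name)
    return bad


def probe(host: str, port: int = 443, timeout: float = 5.0) -> dict:
    """Connect to host with the hardened context and report the negotiated
    protocol version, cipher suite and certificate subject, like a minimal
    TLS checker. Needs network access; a weak server fails the handshake."""
    ctx = hardened_client_context()
    with socket.create_connection((host, port), timeout=timeout) as raw:
        with ctx.wrap_socket(raw, server_hostname=host) as tls:
            name, _proto, bits = tls.cipher()
            subject = dict(rdn[0] for rdn in tls.getpeercert()["subject"])
            return {"version": tls.version(), "cipher": name,
                    "bits": bits, "subject": subject}


if __name__ == "__main__":
    print("weak suites enabled:", weak_suites(hardened_client_context()) or "none")
    print(probe("example.com"))
```

A server that only offers TLS 1.0/1.1 or RSA key exchange will raise `ssl.SSLError` in `probe`, which is the same signal a checker tool reports as a failing grade.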


20 Feb 2025
