What is TLS?
Transport Layer Security (TLS) is a cryptographic protocol that provides end-to-end security of data sent between applications over the Internet. It is most familiar to users through its use in secure web browsing, particularly the padlock icon that appears in web browsers when a secure session is established. It is also commonly used to secure other applications such as e-mail, file transfers, video/audio conferencing, instant messaging and voice-over-Internet Protocol, and Internet services such as Domain Name System (DNS) and Network Time Protocol (NTP).
Why is TLS important?
Data has historically been transmitted unencrypted over the Internet. Where encryption was used, it was typically employed piecemeal for sensitive information such as passwords or payment details. Without TLS, sensitive information such as logins, credit card details, and personal information can easily be gleaned by others, where browsing habits, e-mail correspondence, online chats, and conference calls can also be monitored. Enabling client and server applications to support TLS ensures that data transmitted between them is encrypted with secure algorithms and not viewable by third parties.
How does TLS work?
TLS uses a combination of symmetric and asymmetric cryptography to establish an encrypted bidirectional data tunnel and transfer data. With symmetric cryptography, data is encrypted and decrypted with a secret key known to both sender and recipient. Asymmetric cryptography is used to generate and exchange a session to encrypt the data transmitted by one party, and decrypt the data received at the other end. A server must have a TLS certificate to enable secure negotiation of encryption between client and server. A certificate contains important information such as domain ownership and public key, which are used to validate the server’s identity.
1. Client initiates a connection to a server.
2. Server presents its TLS certificate to the client.
3. Client validates the server by verifying the certificate information.
4. A session key is then generated through information exchange between the two parties.
5. The generated session key is used for encryption of traffic between the two parties.
- [GIAC] Paper on TLS Adoption Rates and Benefits
- [SANS] Paper on TLS Adoption Rates and Benefits
- [F5] Labs 2021 TLS Telemetry Report