What is the TLS protocol?


Transport Layer Security (TLS) is a cryptographic protocol that provides end-to-end security of data sent between applications over the Internet. It is widely used in applications such as email, instant messaging, and voice over IP, but its use in securing web browsing sessions is perhaps the most well-known. TLS replaced the Secure Sockets Layer (SSL) protocol in 1999.

TLS aims primarily to provide security, including privacy (confidentiality), integrity, and authenticity, between two or more communicating computer applications. It does so through cryptography, including the use of certificates. It runs in the presentation layer and is itself composed of two layers: the TLS record protocol and the TLS handshake protocol.

When a client and server agree to use TLS, they negotiate a stateful connection by using a handshaking procedure. During this handshake, the client and server agree on various parameters used to establish a secure connection, including the cipher suite and the TLS version to be used. Once the connection is established, data is encrypted and decrypted using a combination of public-key and secret-key cryptography.
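The client's opening offer in that negotiation is a ClientHello handshake message carried inside a TLS record. The parser below is an added example, not code from the original page; it reads the offered versions and cipher suites from a constructed sample. The function names are hypothetical, and it assumes the whole ClientHello fits in a single record.

```python
import struct
# A few registered code points, enough to label the sample (not a full registry).
VERSIONS = {0x0301: "TLS 1.0", 0x0302: "TLS 1.1", 0x0303: "TLS 1.2", 0x0304: "TLS 1.3"}
SUITES = {0x1301: "TLS_AES_128_GCM_SHA256", 0x1302: "TLS_AES_256_GCM_SHA384",
          0xC02F: "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256"}

def build_sample_client_hello():
    """Constructed ClientHello (zeroed random, one extension), not a real capture."""
    suites = struct.pack("!3H", 0x1301, 0x1302, 0xC02F)
    sv = struct.pack("!B2H", 4, 0x0304, 0x0303)              # supported_versions body
    exts = struct.pack("!HH", 43, len(sv)) + sv
    body = (struct.pack("!H", 0x0303) + bytes(32) + b"\x00"  # legacy version, random, no session id
            + struct.pack("!H", len(suites)) + suites + b"\x01\x00"  # suites, null compression
            + struct.pack("!H", len(exts)) + exts)
    hs = b"\x01" + len(body).to_bytes(3, "big") + body       # handshake type 1 = ClientHello
    return struct.pack("!BHH", 22, 0x0301, len(hs)) + hs     # record type 22 = handshake

def parse_client_hello(data):
    """Return offered versions and cipher suites; raise ValueError on malformed input."""
    if len(data) < 5 or data[0] != 22:
        raise ValueError("not a TLS handshake record")
    rlen = struct.unpack("!H", data[3:5])[0]                 # record-layer length
    hs = data[5:5 + rlen]
    if len(hs) != rlen or rlen < 4 or hs[0] != 1 or int.from_bytes(hs[1:4], "big") != rlen - 4:
        raise ValueError("truncated record or not a ClientHello")
    body, pos = hs[4:], 0
    def take(n):                       # bounds-checked read from the handshake body
        nonlocal pos
        if pos + n > len(body):
            raise ValueError("length field points past end of message")
        pos += n
        return body[pos - n:pos]
    def u16():
        return int.from_bytes(take(2), "big")
    versions = [u16()]                 # legacy_version, used if no extension overrides it
    take(32)                           # client random
    take(take(1)[0])                   # session id
    raw = take(u16())
    suites = [int.from_bytes(raw[i:i + 2], "big") for i in range(0, len(raw) - 1, 2)]
    take(take(1)[0])                   # compression methods
    if pos < len(body):
        ext_len = u16()
        end = pos + ext_len
        while pos < end:
            etype, elen = u16(), u16()
            edata = take(elen)
            if etype == 43 and edata:  # supported_versions, sent by TLS 1.3 clients
                versions = [int.from_bytes(edata[i:i + 2], "big") for i in range(1, len(edata) - 1, 2)]
    return {"versions": [VERSIONS.get(v, hex(v)) for v in versions],
            "cipher_suites": [SUITES.get(s, hex(s)) for s in suites]}
```

Every length field is checked against the bytes actually present, so a truncated or inconsistent message raises `ValueError` instead of being partially trusted.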

Some benefits of using TLS include:

  • Authentication: A TLS connection ensures that both parties are who they claim to be by providing a certificate.
  • Integrity: TLS verifies that the data transmitted has not been forged or tampered with during the delivery process.
  • Privacy: TLS provides confidentiality by encrypting data exchanged over the network, including emails, web browsing sessions, and file transfers.

TLS is a proposed Internet Engineering Task Force (IETF) standard, first defined in 1999, and the current version is TLS 1.3, defined in August 2018.