Understanding the TLS Handshake: Unlocking the Secrets Behind the Padlock 🔒
When you browse to a secure website, that reassuring padlock 🔒 icon isn’t just an aesthetic feature—it’s the culmination of a complex process known as the TLS handshake. In this post, we will unravel what occurs behind the scenes to establish a secure connection between your device and the website you are visiting.
To better illustrate these steps, refer to this informative infographic that outlines the messages exchanged between your web browser (the Client) and the website’s server to initiate a TLS session: Infographic.
(Image source: Twitter thread)
Introduction
As we delve into the details, remember that the primary objectives of SSL/TLS protocols are twofold:
- ✅ Validate the identity of the server.
- ✅ Establish session keys to secure subsequent data transmissions.
Before diving into the handshake itself, there are two essential concepts to clarify:
Records vs. Packets
In the infographic, each message exchanged during the TLS handshake is referred to as a “Record.” It is important to note that a Record is not the same as a Packet. A single Packet can carry multiple Records, while multiple Packets may be required to transmit a single Record.
Cryptographic Foundations
A basic understanding of key cryptographic principles is beneficial for grasping the TLS Handshake process:
We won’t delve into these concepts extensively, but if you need clarity, feel free to check out the linked videos. Now, let’s take a closer look at the Records that make up the TLS Handshake.
1️⃣ Client Hello
The TLS handshake kicks off with a Client Hello message from your web browser. This message contains five vital fields:
- SSL Version
- Random Number
- Session ID
- Cipher Suites
- Extensions
These components play a crucial role in achieving the handshake’s goals.
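To see how those five fields are laid out on the wire, here is an added example (not code from the original post): a minimal Python parser that reads one handshake Record, checks that the whole Record is present rather than split across packets, and pulls out the version, random, session ID, cipher suites and extensions. The sample Record is constructed inline; the placeholder random, the host name example.com and the two cipher-suite values are assumptions chosen for the demo.

```python
import struct

# Constructed sample (not a real capture): one TLS record carrying a ClientHello with
# two cipher suites, an 8-byte session ID, and server_name + supported_versions extensions.
def build_sample_client_hello() -> bytes:
    host = b"example.com"
    name_list = b"\x00" + struct.pack("!H", len(host)) + host      # name type 0 = host_name
    sni = struct.pack("!HHH", 0x0000, len(name_list) + 2, len(name_list)) + name_list
    supported_versions = struct.pack("!HH", 0x002b, 3) + b"\x02\x03\x04"   # offers TLS 1.3
    extensions = sni + supported_versions
    body = (b"\x03\x03" + bytes(range(32))                # legacy_version TLS 1.2, placeholder random
            + b"\x08" + b"\x11" * 8                       # 8-byte session ID
            + b"\x00\x04\x13\x01\xc0\x2f"                 # two cipher suites (assumed values)
            + b"\x01\x00"                                 # one compression method: null
            + struct.pack("!H", len(extensions)) + extensions)
    handshake = b"\x01" + len(body).to_bytes(3, "big") + body          # type 1 = client_hello
    return b"\x16\x03\x01" + struct.pack("!H", len(handshake)) + handshake  # record header

def parse_client_hello(record: bytes) -> dict:
    """Pull the five ClientHello fields out of one TLS handshake record."""
    content_type, _major, _minor, rec_len = struct.unpack("!BBBH", record[:5])
    hs = record[5:5 + rec_len]
    if content_type != 0x16 or hs[:1] != b"\x01":
        raise ValueError("not a handshake record carrying a ClientHello")
    if len(hs) < rec_len:
        raise ValueError("record truncated: remainder arrives in a later packet")
    body = hs[4:4 + int.from_bytes(hs[1:4], "big")]
    version, client_random, sid_len = (body[0], body[1]), body[2:34], body[34]
    session_id, pos = body[35:35 + sid_len], 35 + sid_len
    (cs_len,) = struct.unpack("!H", body[pos:pos + 2]); pos += 2
    suites = [int.from_bytes(body[i:i + 2], "big") for i in range(pos, pos + cs_len, 2)]
    pos += cs_len
    pos += 1 + body[pos]                                  # skip compression_methods
    (ext_len,) = struct.unpack("!H", body[pos:pos + 2]); pos += 2
    extensions, end = {}, pos + ext_len
    while pos < end:                                      # each extension: type(2) len(2) data
        ext_type, length = struct.unpack("!HH", body[pos:pos + 4])
        extensions[ext_type] = body[pos + 4:pos + 4 + length]
        pos += 4 + length
    return {"version": version, "random": client_random, "session_id": session_id,
            "cipher_suites": suites, "extensions": extensions}

def server_name(extensions: dict):
    """Decode the host from server_name (type 0): list len(2), name type(1), name len(2), name."""
    data = extensions.get(0x0000)
    if data is None:
        return None
    return data[5:5 + int.from_bytes(data[3:5], "big")].decode("ascii")
```

Because the parser works on a single Record, feeding it a partial Record (the first packet of a split ClientHello) raises instead of returning garbage; a real capture tool reassembles Records before parsing.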
SSL Version
The Client