Understanding the TLS Handshake: What Goes Into That Security Padlock 🔒
In today’s digital world, the presence of a padlock symbol in your browser is synonymous with secure communication. But what exactly occurs behind the scenes when you visit a website to ensure that your data remains safe? In this blog post, we will dissect the TLS Handshake, the process that facilitates this secure connection between your browser and the website you are accessing.
To aid in our explanation, we’ll reference an infographic that outlines the various interactions between the Client (your web browser) and the Server (the site you’re visiting). You might find it useful to open the image in another tab as you read along.
(Image credit: Twitter)
Introduction to TLS Handshake Goals
Before diving into the specifics of the TLS Handshake, it’s essential to understand its primary objectives:
- ✅ Authentication: Ensuring that the server is genuinely who it claims to be.
- ✅ Privacy: Establishing session keys to protect the data transferred.
As we explore the handshake process, we’ll touch on two important aspects that are foundational to our understanding:
Records vs. Packets
In the context of the infographic, each line represents a “Record” that is transmitted during the TLS handshake. It’s important to clarify that a Record is not the same as a Packet. Multiple Records can fit into a single Packet, and conversely, one Record may span multiple Packets.
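To make the Record/Packet distinction concrete, here is an added example (not part of the original post) that rebuilds TLS records from a sequence of TCP payloads using the 5-byte record header. The names `RecordReassembler`, `make_record` and `demo`, the 1460-byte payload size and the filler record bodies are assumptions made for illustration.

```python
import struct

CONTENT_TYPES = {20: "change_cipher_spec", 21: "alert",
                 22: "handshake", 23: "application_data"}
HEADER_LEN = 5                 # content type (1) + legacy version (2) + length (2)
MAX_FRAGMENT = 2**14 + 2048    # largest record body TLS 1.2 permits (RFC 5246)


class RecordReassembler:
    """Rebuilds TLS records from TCP payloads, which may merge or split them."""

    def __init__(self):
        self._buf = bytearray()

    def feed(self, segment: bytes):
        """Add one TCP payload; return the records it completed."""
        self._buf += segment
        records = []
        while len(self._buf) >= HEADER_LEN:
            ctype, version, length = struct.unpack_from("!BHH", self._buf)
            # Reject anything that cannot be a record header instead of
            # buffering attacker-controlled lengths without limit.
            if ctype not in CONTENT_TYPES or length > MAX_FRAGMENT:
                raise ValueError(f"not a TLS record header: {bytes(self._buf[:5]).hex()}")
            end = HEADER_LEN + length
            if len(self._buf) < end:
                break  # the body continues in a later packet
            records.append((CONTENT_TYPES[ctype], version, bytes(self._buf[HEADER_LEN:end])))
            del self._buf[:end]
        return records


def make_record(ctype: int, body: bytes, version: int = 0x0303) -> bytes:
    return struct.pack("!BHH", ctype, version, len(body)) + body


# Constructed sample traffic: bodies are filler, not real handshake messages.
REC_A = make_record(22, b"A" * 40)
REC_B = make_record(20, b"\x01")
REC_C = make_record(22, b"C" * 3000)   # larger than one 1460-byte TCP payload


def demo():
    stream = REC_A + REC_B + REC_C
    # Packet 1 holds two whole records plus the start of a third.
    segments = [stream[:1460], stream[1460:2920], stream[2920:]]
    r = RecordReassembler()
    return [[(name, len(body)) for name, _, body in r.feed(s)] for s in segments]


if __name__ == "__main__":
    print(demo())
```

The first payload yields two records, the second yields none, and the third completes the 3000-byte record, which is why packet counts in a capture do not map one-to-one onto the lines of the handshake diagram.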
Cryptography Basics
Familiarity with some cryptographic concepts will enhance your understanding of the TLS Handshake. In particular, it’s beneficial to know about:
While we won’t delve deeply into these topics here, I recommend checking out the linked videos if you’re unfamiliar with the terms.
With that said, let’s break down the records involved in the TLS Handshake:
1️⃣ Client Hello
The process begins with the Client sending a Client Hello. Several key parameters are