TLS is a data privacy and security protocol used for secure communication over the internet. It is most commonly used to encrypt communication between a server and its clients. TLS is the successor to the Secure Sockets Layer (SSL) protocol: SSL 3.0 and TLS 1.0 were very similar, but SSL has since been replaced by TLS.
A Transport Layer Security (TLS) connection is established via a handshake.
TLS Handshake in action:
- To connect to a TLS-enabled service, the client sends a ClientHello message (the name used in the protocol). It carries information about the client, such as the highest TLS version it supports and the cipher suites it can use.
- The server responds with a ServerHello message, selecting the highest TLS version supported by both the client and the server, and choosing a cipher suite from the list in the ClientHello message. The server also transmits its digital certificate, followed by a final ServerHelloDone message.
- The client validates the certificate and then sends a ClientKeyExchange message: using the negotiated key exchange mechanism, it contributes the material needed to establish a shared secret with the server. The client then sends ChangeCipherSpec, indicating that it is switching to encrypted communication, followed by a Finished message to indicate that its side of the handshake completed successfully.
- Once the shared secret has been established on its side, the server replies with its own ChangeCipherSpec and an encrypted Finished message.
The session key is the shared symmetric encryption key used for the rest of the TLS session to encrypt the data sent back and forth between client and server.
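The handshake steps above and the session key that results from them, as an added toy model in Python (not code from the original page and not a real TLS implementation): it keeps the negotiation logic (version and cipher suite selection, certificate check, key exchange, Finished verification) but stands in a deliberately small Diffie-Hellman group for ECDHE and HMAC-SHA256 for the TLS PRF. The trust store, certificate, hostname and cipher suite lists are constructed sample data.

```python
import hashlib, hmac, secrets

P, G = 2**127 - 1, 2               # toy DH group (assumption: far too small for real use)
TRUSTED_CAS = {"Example Root CA"}  # constructed trust store

def client_hello(max_version, suites):
    """ClientHello: highest TLS version the client supports, offered suites, a random."""
    return {"version": max_version, "suites": suites, "random": secrets.token_bytes(32)}

def server_hello(hello, server_max, server_suites, cert):
    """ServerHello: highest version both support and the first server-preferred
    suite the client offered; abort if there is no common suite."""
    version = min(hello["version"], server_max)
    common = [s for s in server_suites if s in hello["suites"]]
    if not common:
        raise ValueError("handshake_failure: no common cipher suite")
    return {"version": version, "suite": common[0],
            "random": secrets.token_bytes(32), "cert": cert}

def validate_certificate(cert, hostname):
    """Simplified check: trusted issuer and subject name matching the host."""
    return cert["issuer"] in TRUSTED_CAS and cert["subject"] == hostname

def derive_session_key(shared_secret, client_random, server_random):
    """Stand-in for the TLS PRF: session key from the DH secret and both randoms."""
    return hmac.new(shared_secret.to_bytes(16, "big"),
                    client_random + server_random, hashlib.sha256).digest()

def finished(key, transcript):
    """Finished = MAC over the handshake transcript under the session key."""
    return hmac.new(key, transcript, hashlib.sha256).digest()

def handshake(hostname="example.test"):
    cert = {"subject": hostname, "issuer": "Example Root CA"}   # constructed certificate
    ch = client_hello(0x0303, ["TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256",
                               "TLS_RSA_WITH_AES_128_CBC_SHA"])
    sh = server_hello(ch, 0x0303, ["TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256"], cert)
    if not validate_certificate(sh["cert"], hostname):
        raise ValueError("bad_certificate")
    # Key exchange: each side contributes a DH public value and computes the same secret.
    a, b = secrets.randbelow(P - 2) + 2, secrets.randbelow(P - 2) + 2
    client_pub, server_pub = pow(G, a, P), pow(G, b, P)
    client_key = derive_session_key(pow(server_pub, a, P), ch["random"], sh["random"])
    server_key = derive_session_key(pow(client_pub, b, P), ch["random"], sh["random"])
    transcript = repr((ch["suites"], sh["suite"], client_pub, server_pub)).encode()
    # Each side's Finished is checked with the key the other side derived.
    ok = hmac.compare_digest(finished(client_key, transcript), finished(server_key, transcript))
    return {"version": sh["version"], "suite": sh["suite"], "finished_ok": ok, "key": client_key}
```

A client that offers only suites the server does not accept, or a certificate whose issuer is not in the trust store, aborts the handshake before any session key exists.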