2. WHAT IS TRANSPORT
LAYER SECURIY?
TLS is the successor to the
secure sockets layer.
Transport layer security is a
protocol that ensure privacy
between communicating
application and their users
on the internet.
3. WHY DO WE NEED IT?
TLS ensure that no
third party may eaves
drop or tamper with any
message.
5. WORKING OF TRANSPORT
LAYER SECURITY
The client connect to server using
tcp, the client can be anything .
The client sends a number of
specifications ,
1) Version of ssl, tls.
2) Which cipher suites, compression
method it wants to use.
6. The server checks what the
highest ssl, tls variation it
that is supported by them
both, picks a cipher suits
form one of the clients
options and optionally picks a
compression methods.
7. HOW TO DETECT SECURE
CONNECTIONS
Chrome can display the version.
Click on the padlock icon a popup
appears, which contains some
details , including the protocol
version .
Example:
The connection uses tls 1.0”
verified on version 21.01180.82
8. EXAMPLES
The site identity is verified and is
secure.
Maharashtra.gov.in users
#ssl
# The certificate has been
verified by thawte ssl ca
# The key exchanging
mechanism.
9. TLS RECORD PROTOCOL
Dividing outgoing messages into
manageable blocks, and
reassembling income messages.
Compressing outgoing blocks and
decompressing income blocks.
Applying a message authentication
code to outgoing message and
verifying incoming messages using
the Mac.
10. Encrypting outgoing messages and
decrypting income messages.
When the record protocol and
handshake protocols are completed,
the outgoing encrypted data is
passed down to the Transmission
control protocol layer for transport.