TLS (Transport Layer Security) is the successor to, or updated version of, SSL, and the basic process by which both secure network traffic is more or less the same.
Transport Layer Security (TLS) and Secure Sockets Layer (SSL) are computer networking protocols for securing connections between network application clients and servers over an insecure network. These protocols provide a mechanism for encrypting and authenticating data sent between client and server.
SSL/TLS sits above the transport and network layers, which are responsible for carrying data between processes and for routing traffic over the network between client and server, and below application layer protocols such as the Hypertext Transfer Protocol (HTTP) and the Simple Mail Transfer Protocol (SMTP).
It includes two basic sub-protocols to secure the network architecture. These sub-protocols are as follows −
Handshake protocol − It defines how an SSL/TLS connection is established between client and server, including the exchange of keys (public and session) used for encrypting or authenticating the transmitted data.
Record protocol − It defines how communicating hosts exchange data using SSL/TLS, including how data is prepared for transmission and how received data is verified and decrypted.
During the initial handshake, the server presents its digital certificate to authenticate itself to the client with which it is establishing a connection.
The authentication process uses public key cryptography to validate the digital certificate and to confirm that the server is the one it claims to be. Once authentication is complete, the client and server agree on cipher settings and a shared secret key used to encrypt the messages they exchange during the session. In this way TLS/SSL provides identification, authentication, data confidentiality and integrity.
The handshake also allows the client to authenticate itself to the server. In this case, after server authentication is complete, the client must present its own certificate to the server to prove the client's identity before the encrypted SSL/TLS session can be established.
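As an added example (not code from the original page), here is how the client side of the server-authentication step described above is configured with Python's standard `ssl` module. The function names are my own; `connect_and_describe` needs network access to a real server, while the other functions run offline. The insecure context is included only to show what the weak settings look like next to the correct ones.

```python
import socket
import ssl


def make_client_context():
    """Client-side context that authenticates the server as the handshake
    requires: certificate chain validated against the system's trusted CAs,
    hostname checked against the certificate, legacy protocol versions refused."""
    ctx = ssl.create_default_context(ssl.Purpose.SERVER_AUTH)
    ctx.minimum_version = ssl.TLSVersion.TLSv1_2
    ctx.check_hostname = True
    ctx.verify_mode = ssl.CERT_REQUIRED
    return ctx


def make_insecure_context():
    """The weak configuration found in many scripts: certificate errors are
    ignored, so any server (including a man-in-the-middle) is accepted.
    Shown only for comparison with make_client_context()."""
    ctx = ssl.create_default_context(ssl.Purpose.SERVER_AUTH)
    ctx.check_hostname = False      # must be cleared before verify_mode
    ctx.verify_mode = ssl.CERT_NONE
    return ctx


def audit_context(ctx):
    """Return the settings a reviewer would check on a client context."""
    return {
        "verifies_chain": ctx.verify_mode == ssl.CERT_REQUIRED,
        "checks_hostname": bool(ctx.check_hostname),
        "min_version": ctx.minimum_version.name,
    }


def connect_and_describe(host, port=443, timeout=5.0):
    """Run the handshake against a live server (network required) and report
    the negotiated protocol, cipher and certificate subject. If the server
    fails authentication, ssl.SSLCertVerificationError is raised instead."""
    ctx = make_client_context()
    with socket.create_connection((host, port), timeout=timeout) as raw:
        with ctx.wrap_socket(raw, server_hostname=host) as tls:
            cert = tls.getpeercert()
            return {
                "protocol": tls.version(),
                "cipher": tls.cipher()[0],
                "subject": dict(rdn[0] for rdn in cert["subject"]),
            }


if __name__ == "__main__":
    print("hardened:", audit_context(make_client_context()))
    print("insecure:", audit_context(make_insecure_context()))
```

The two `audit_context` results side by side are the quickest way to spot the difference in a code review: a client that reports `verifies_chain: False` never actually authenticates the server, whatever the rest of the handshake does.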
There are two basic techniques used for encryption in cryptology, which are explained below:
Symmetric encryption is the oldest and best-known technique for encryption. A secret key, which can be a number, a word, or just a string of random letters, is applied to the text of a message to alter its content in a particular way. As long as both sender and recipient know the secret key, they can encrypt and decrypt all messages that use this key.
Asymmetric encryption is the technique that uses two keys, a "key pair", for encryption and decryption, unlike symmetric encryption. The problem with secret keys is exchanging them over the Internet or a large network while preventing them from falling into the wrong hands, such as attackers or hackers. Anyone who knows the secret key can read or alter the messages as they please.
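An added example, not part of the original text, that ties the two techniques together the way the handshake does: a key pair is used to agree on a session key without ever sending a secret across the network (Diffie-Hellman over a deliberately tiny, constructed group), and that session key then drives the symmetric step (an encrypt-then-MAC construction built from `hashlib` and `hmac` for illustration). All function names and parameters are my own choices; neither the toy group nor the hand-rolled cipher is meant for production use.

```python
import hashlib
import hmac
import os

# Constructed toy Diffie-Hellman group: P = 2**127 - 1 is prime, but a 127-bit
# modulus is far too small for real use. TLS uses standardised groups of 2048
# bits or more, or elliptic curves; this size only keeps the demo readable.
P = 2**127 - 1
G = 2


def generate_keypair():
    """Key pair for the asymmetric step: a random private value and the
    public value G**private mod P, which may be sent over the network."""
    private = int.from_bytes(os.urandom(16), "big") % (P - 2) + 1
    return private, pow(G, private, P)


def derive_session_key(private, peer_public):
    """Each side raises the other's public value to its own private value;
    both arrive at G**(a*b) mod P, which is hashed into a 32-byte session key.
    The private values never leave their owner, so no secret has to be
    exchanged over the insecure network."""
    shared = pow(peer_public, private, P)
    return hashlib.sha256(shared.to_bytes(16, "big")).digest()


def _split_keys(session_key):
    """Separate encryption and MAC keys derived from the session key."""
    return (hashlib.sha256(b"enc" + session_key).digest(),
            hashlib.sha256(b"mac" + session_key).digest())


def _keystream(enc_key, nonce, length):
    """SHA-256 run in counter mode. Illustrative only, not a vetted cipher."""
    out = b""
    counter = 0
    while len(out) < length:
        out += hashlib.sha256(enc_key + nonce + counter.to_bytes(4, "big")).digest()
        counter += 1
    return out[:length]


def symmetric_encrypt(session_key, plaintext):
    """Symmetric step: the same key on both sides. Output is
    nonce || ciphertext || tag (encrypt-then-MAC), so a record modified in
    transit is rejected before any decryption happens."""
    enc_key, mac_key = _split_keys(session_key)
    nonce = os.urandom(12)
    stream = _keystream(enc_key, nonce, len(plaintext))
    ciphertext = bytes(p ^ k for p, k in zip(plaintext, stream))
    tag = hmac.new(mac_key, nonce + ciphertext, hashlib.sha256).digest()
    return nonce + ciphertext + tag


def symmetric_decrypt(session_key, record):
    """Verify the tag in constant time, then reverse the XOR."""
    enc_key, mac_key = _split_keys(session_key)
    nonce, ciphertext, tag = record[:12], record[12:-32], record[-32:]
    expected = hmac.new(mac_key, nonce + ciphertext, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("integrity check failed: wrong key or modified record")
    stream = _keystream(enc_key, nonce, len(ciphertext))
    return bytes(c ^ k for c, k in zip(ciphertext, stream))


def handshake_and_exchange(message=b"session data"):
    """Simulate both parties: public values cross the wire, private values do
    not, and the resulting session key protects the message. Also shows that
    a record altered on the wire fails the integrity check."""
    client_priv, client_pub = generate_keypair()
    server_priv, server_pub = generate_keypair()
    client_key = derive_session_key(client_priv, server_pub)   # client received server_pub
    server_key = derive_session_key(server_priv, client_pub)   # server received client_pub
    record = symmetric_encrypt(client_key, message)
    decrypted = symmetric_decrypt(server_key, record)
    # Flip one bit of the ciphertext (or tag, for an empty message): detected.
    tampered = record[:12] + bytes([record[12] ^ 0x01]) + record[13:]
    try:
        symmetric_decrypt(server_key, tampered)
        tamper_detected = False
    except ValueError:
        tamper_detected = True
    return {"keys_match": client_key == server_key,
            "decrypted": decrypted,
            "tamper_detected": tamper_detected}


if __name__ == "__main__":
    print(handshake_and_exchange(b"hello"))
```

The split into `_split_keys`, a keystream and a separate MAC mirrors what the record protocol does with the keys negotiated in the handshake: one set of keys for confidentiality, another for integrity, and every record checked before its contents are trusted.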