SSL/TLS Handshake Protocol
Secure Sockets Layer (SSL) and its newer version, Transport Layer Security (TLS), are cryptographic protocols that provide security on the internet. SSL 3.0 is the most popular version that most web servers and browsers support.
However, TLS v1.1 and v1.2 are more secure versions. A web server and its clients use these protocols to establish trust. Keep reading this article if you want to know how the TLS/SSL certificate handshake lets these systems negotiate parameters and share a secret key.
What is the TLS/SSL certificate Handshake Protocol?
The Handshake Protocol is used between a web client and a web server to establish trust and then negotiate the parameters of the session. Encrypting and decrypting the conversation itself, however, requires a secret key.
With the protocol in place, an eavesdropper can only see the connection endpoints but cannot read or modify any of the actual data. Thus, it protects users’ personal data and ensures a safe transaction.
Which layer does the SSL certificate handshake protocol belong to?
Many people ask on which layer of the OSI model (Open Systems Interconnection Model) the protocol operates. Some say it is on the application layer because it is just HTTP over a secure socket layer.
However, another group of people says it is the presentation layer because the encryption and decryption process operates on this layer.
Nevertheless, there is also an argument that it is on the session layer because the protocol provides point-to-point session security. It is indeed difficult to judge whether each argument is valid. The OSI model is not a science, but a guideline.
The handshake protocol involves the top three layers of the OSI model. If we use the TCP/IP model, we can simply say the protocol belongs to the application layer.
How does the handshake protocol work?
Here is the process by which a client and a server use the handshake protocol to negotiate a secure exchange of data:
1. The client sends a “ClientHello” message that lists information such as the TLS version, the cryptographic algorithms, and the data compression methods supported by the client.
2. The server responds with a “ServerHello” message that contains the cryptographic algorithms chosen by the server from the list provided by the client, together with the session ID. The server also sends its digital certificate and its public key.
3. The client contacts the server’s CA and verifies the server’s digital certificate, thus confirming the authenticity of the web server. This step establishes trust in the web server.
4. Once the client trusts the web server, the ClientKeyExchange happens. In this step, the client sends a shared secret key. Sending a shared secret key is what allows the conversation to continue securely. The shared secret key is encrypted with the server’s public key.
5. The client sends a “Finished” message. This indicates that the client’s part of the handshake is complete.
6. The server responds to the client with a “Finished” message, which is encrypted with the secret key. This indicates that the server’s part of the handshake is complete. Once the handshake is done, the server and client can exchange symmetrically encrypted messages; it is the shared secret key that encrypts those messages.
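As an added example (not code from the original article), the following Python script builds and parses the ClientHello and ServerHello messages from steps 1 and 2 and then checks that what the server picked was actually offered by the client. The byte layout follows the TLS record header (content type, version, length) and handshake header (type, 3-byte length); the sample messages, the small cipher-suite table and the `check_server_choice` helper are constructed for this demo and are not part of any real TLS library.

```python
import struct

# TLS record content type and handshake message types (standard values).
HANDSHAKE = 0x16
CLIENT_HELLO = 0x01
SERVER_HELLO = 0x02

# Protocol version bytes as they appear on the wire.
VERSIONS = {(3, 0): "SSLv3", (3, 1): "TLS 1.0", (3, 2): "TLS 1.1", (3, 3): "TLS 1.2"}

# A small subset of IANA cipher suite code points, used only for labels in this demo.
CIPHER_SUITES = {
    0x002F: "TLS_RSA_WITH_AES_128_CBC_SHA",
    0x0035: "TLS_RSA_WITH_AES_256_CBC_SHA",
    0x009C: "TLS_RSA_WITH_AES_128_GCM_SHA256",
    0xC02F: "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256",
}


def wrap(hs_type, body, version):
    """Prefix a handshake body with the handshake header and the record header."""
    handshake = struct.pack("!B", hs_type) + len(body).to_bytes(3, "big") + body
    return struct.pack("!BBBH", HANDSHAKE, version[0], version[1], len(handshake)) + handshake


def build_client_hello(version, suites, compressions, session_id=b""):
    """Constructed ClientHello: version, random, session id, offered suites, offered compressions."""
    body = struct.pack("!BB", *version) + bytes(32)  # random is all zeros in this constructed sample
    body += struct.pack("!B", len(session_id)) + session_id
    body += struct.pack("!H", 2 * len(suites)) + b"".join(struct.pack("!H", s) for s in suites)
    body += struct.pack("!B", len(compressions)) + bytes(compressions)
    return wrap(CLIENT_HELLO, body, version)


def build_server_hello(version, suite, compression, session_id=b""):
    """Constructed ServerHello: version, random, session id, the one chosen suite and compression."""
    body = struct.pack("!BB", *version) + bytes(32)
    body += struct.pack("!B", len(session_id)) + session_id
    body += struct.pack("!H", suite) + struct.pack("!B", compression)
    return wrap(SERVER_HELLO, body, version)


def parse_hello(record):
    """Parse one handshake record holding a ClientHello or ServerHello into a dict."""
    content_type, major, minor, rec_len = struct.unpack("!BBBH", record[:5])
    if content_type != HANDSHAKE:
        raise ValueError("not a handshake record")
    hs = record[5:5 + rec_len]
    if len(hs) != rec_len:
        raise ValueError("truncated record")
    hs_type, hs_len = hs[0], int.from_bytes(hs[1:4], "big")
    body = hs[4:4 + hs_len]
    if len(body) != hs_len:
        raise ValueError("truncated handshake message")
    version = (body[0], body[1])
    sid_len = body[34]            # 2 version bytes + 32 random bytes precede the session id length
    pos = 35
    session_id = body[pos:pos + sid_len]
    pos += sid_len
    msg = {"version": version, "version_name": VERSIONS.get(version, "unknown"),
           "session_id": session_id}
    if hs_type == CLIENT_HELLO:
        (cs_len,) = struct.unpack("!H", body[pos:pos + 2])
        pos += 2
        suites = [struct.unpack("!H", body[i:i + 2])[0] for i in range(pos, pos + cs_len, 2)]
        pos += cs_len
        comp_len = body[pos]
        pos += 1
        msg.update(type="ClientHello", cipher_suites=suites,
                   compression_methods=list(body[pos:pos + comp_len]))
        return msg
    if hs_type == SERVER_HELLO:
        (suite,) = struct.unpack("!H", body[pos:pos + 2])
        msg.update(type="ServerHello", cipher_suite=suite, compression_method=body[pos + 2])
        return msg
    raise ValueError("unsupported handshake type %d" % hs_type)


def check_server_choice(client_hello, server_hello):
    """Return a list of problems; empty means the server's choices are consistent with the offer."""
    problems = []
    if server_hello["cipher_suite"] not in client_hello["cipher_suites"]:
        problems.append("cipher suite 0x%04X was never offered by the client" % server_hello["cipher_suite"])
    if server_hello["compression_method"] not in client_hello["compression_methods"]:
        problems.append("compression method %d was never offered" % server_hello["compression_method"])
    if server_hello["version"] > client_hello["version"]:
        problems.append("server selected a version higher than the client offered")
    return problems


# Constructed sample exchange: a TLS 1.2 client offering three suites and null compression.
SAMPLE_CLIENT_HELLO = build_client_hello((3, 3), [0xC02F, 0x009C, 0x002F], [0])
SAMPLE_SERVER_HELLO = build_server_hello((3, 3), 0xC02F, 0)
ROGUE_SERVER_HELLO = build_server_hello((3, 3), 0x0035, 0)  # picks a suite the client never offered

if __name__ == "__main__":
    ch, sh = parse_hello(SAMPLE_CLIENT_HELLO), parse_hello(SAMPLE_SERVER_HELLO)
    print(ch["version_name"], [CIPHER_SUITES[s] for s in ch["cipher_suites"]])
    print("server chose", CIPHER_SUITES[sh["cipher_suite"]], check_server_choice(ch, sh))
    print("rogue server:", check_server_choice(ch, parse_hello(ROGUE_SERVER_HELLO)))
```

A client that performs the consistency check in `check_server_choice` refuses a ServerHello whose parameters were not in its own offer, which is the property step 2 relies on: the server may only choose from the list the client provided.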
The Bottom Line
The TLS/SSL certificate handshake protocol is one of the main processes that lets communication between a client and a web server begin. The process is truly similar to a human handshake, and it is the first step toward building trust between two systems. Keep in mind that the server and the client can only exchange encrypted messages once the handshake process is completely done.