SSL / TLS
Understanding SSL/TLS protocols, the handshake process, PKI, HTTPS, and how encryption secures web communications.
What is SSL / TLS?
Cryptographic protocols that provide secure communication over a network
Encryption
All data transmitted between client and server is encrypted using symmetric keys derived during the handshake. This ensures confidentiality — eavesdroppers cannot read the data.
Authentication
Servers (and optionally clients) present digital certificates issued by trusted CAs. This verifies the server's identity and prevents impersonation attacks.
Integrity
Message Authentication Codes (MACs) ensure data is not tampered with during transmission. Any modification will be detected by the receiving party.
TLS Handshake
The sequence of messages exchanged to establish a secure connection
ClientHello
Client sends supported TLS versions, cipher suites, and a random number.
ServerHello
Server selects cipher suite, sends its digital certificate and a random number.
Certificate Verification
Client verifies the server's certificate against trusted CAs.
Key Exchange
Client generates pre-master secret, encrypts with server's public key. This is the RSA key exchange; per the comparison table below, TLS 1.3 uses ECDHE only.
Session Keys Derived
Both sides derive symmetric session keys from the pre-master secret.
Finished
Both sides send encrypted 'Finished' messages. Secure channel established.
Certificate Authorities & PKI
The infrastructure that enables trusted digital identities
How PKI Works
- Root CAs are trust anchors (self-signed, pre-installed in browsers/OS)
- Intermediate CAs are signed by root CAs to issue end-entity certificates
- Server certificates bind a domain name to a public key
- Certificate chains are verified up to a trusted root
- Revocation via CRL (Certificate Revocation List) or OCSP
Major CAs
- Let's Encrypt — free, automated certificates (ACME protocol)
- DigiCert — enterprise-grade certificates
- GlobalSign — SSL, code signing, and email certificates
- Sectigo — high-volume certificate provider
- Cloudflare — managed TLS with universal SSL
TLS 1.2 vs TLS 1.3
| Feature | TLS 1.2 | TLS 1.3 |
|---|---|---|
| Handshake RTT | 2 round trips | 1 round trip (0-RTT for resumption) |
| Cipher Suites | 37+ suites (many insecure) | 5 AEAD suites (all secure) |
| Key Exchange | RSA, DH, ECDH (some without PFS) | ECDHE only (PFS mandatory) |
| Encrypted Handshake | Partially encrypted | Fully encrypted |
| Legacy Algorithms | RC4, 3DES, CBC mode allowed | All removed |
| Downgrade Protection | Limited | Built-in downgrade prevention |
| Adoption | Widely deployed (legacy support) | Increasingly standard |
HTTPS — HTTP over TLS
How HTTPS uses TLS to secure web traffic
How It Works
- Browser connects to port 443 (default for HTTPS)
- TLS handshake occurs before any HTTP data is sent
- After secure channel established, HTTP requests are encrypted
- All HTTP headers, URLs, cookies, and body are encrypted
- Only server IP and SNI hostname remain visible
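The ClientHello fields listed in the handshake section, and the SNI visibility noted in the last point above, can be confirmed by parsing the first record a client sends, which travels unencrypted. This is an added example, not code from the original page; the function names and the sample record (built for the placeholder host `example.test`) are constructed for illustration.

```python
import struct

def build_sample_client_hello(host: str) -> bytes:
    """Constructed sample input: a minimal TLS ClientHello record carrying SNI."""
    name = host.encode("ascii")
    sni = struct.pack("!HBH", len(name) + 3, 0, len(name)) + name
    exts = struct.pack("!HH", 0x0000, len(sni)) + sni                 # server_name
    exts += struct.pack("!HHB", 0x002B, 5, 4) + b"\x03\x04\x03\x03"   # supported_versions: 1.3, 1.2
    suites = struct.pack("!HHH", 0x1301, 0x1302, 0xC02F)              # three offered cipher suites
    body = (b"\x03\x03" + bytes(32) + b"\x00"                         # legacy version, random, empty session id
            + struct.pack("!H", len(suites)) + suites + b"\x01\x00"   # cipher suites, null compression
            + struct.pack("!H", len(exts)) + exts)
    handshake = b"\x01" + len(body).to_bytes(3, "big") + body         # handshake type 1 = ClientHello
    return b"\x16\x03\x01" + struct.pack("!H", len(handshake)) + handshake

def parse_client_hello(record: bytes) -> dict:
    """Return the fields a passive observer can read from a ClientHello record."""
    if len(record) < 9 or record[0] != 0x16 or record[5] != 0x01:
        raise ValueError("not a TLS handshake record containing a ClientHello")
    # Limit parsing to the declared record length; skip record (5) and handshake (4) headers.
    buf, pos = record[:5 + int.from_bytes(record[3:5], "big")], 9

    def take(n):
        nonlocal pos
        if pos + n > len(buf):
            raise ValueError("truncated ClientHello")
        chunk = buf[pos:pos + n]
        pos += n
        return chunk

    def vec(len_bytes):                           # read one length-prefixed vector
        return take(int.from_bytes(take(len_bytes), "big"))

    info = {"legacy_version": take(2).hex(), "random": take(32).hex(),
            "sni": None, "supported_versions": []}
    vec(1)                                        # session id (not needed here)
    suites = vec(2)
    info["cipher_suites"] = [suites[i:i + 2].hex() for i in range(0, len(suites), 2)]
    vec(1)                                        # compression methods
    exts, i = (vec(2) if pos < len(buf) else b""), 0   # old clients may send no extensions
    while i + 4 <= len(exts):
        etype, elen = struct.unpack_from("!HH", exts, i)
        data = exts[i + 4:i + 4 + elen]
        i += 4 + elen
        if etype == 0x0000 and len(data) >= 5:    # server_name: hostname readable on the wire
            info["sni"] = data[5:5 + int.from_bytes(data[3:5], "big")].decode("ascii", "replace")
        elif etype == 0x002B and data:            # supported_versions: list of 2-byte versions
            info["supported_versions"] = [data[j:j + 2].hex() for j in range(1, 1 + data[0], 2)]
    return info
```

Running `parse_client_hello(build_sample_client_hello("example.test"))` returns the hostname, the offered versions and the cipher suite IDs, which is the same information a network monitor can use to spot clients still offering legacy protocol versions.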
Benefits
- Prevents eavesdropping on sensitive data
- Protects against content injection by ISPs
- Required for HTTP/2 and HTTP/3
- SEO ranking boost (Google prefers HTTPS)
- Enables modern web APIs (geolocation, service workers)
- Prevents referrer header leakage
Common Attacks on SSL/TLS
Historical vulnerabilities and how they have been addressed
POODLE
(2014) Padding Oracle On Downgraded Legacy Encryption. Exploited SSL 3.0's CBC padding to decrypt plaintext. Fixed by disabling SSL 3.0 entirely.
Heartbleed
(2014) Buffer over-read bug in OpenSSL's Heartbeat extension. Allowed reading server memory (including private keys). Fixed by patching OpenSSL.
BEAST
(2011) Browser Exploit Against SSL/TLS. Exploited TLS 1.0's CBC IV chaining to decrypt cookies. Fixed by prioritizing RC4 (later deprecated) and moving to TLS 1.1+.
TLS Best Practices
Interview Questions
Common SSL/TLS interview questions with answers