Skip to main content

Home TLS Handshake

TLS Handshake

TLS Handshake definition 

TLS Handshake refers to the process that initiates a secure communication session between a client, such as a web browser, and a server, such as a website. Its job is to authenticate different users, negotiate cryptographic parameters, and establish a secure connection.

See also: Cryptographic key, Sll-tls proxy

How does the TLS Handshake work? 

The TLS handshake is a process that secures communications by establishing the encryption protocols and keys that will be used for the duration of the session. 

  1. 1.Client hello. A session starts with the client sending a "ClientHello" message to the server. 
  2. 2.Server hello. The server replies with a "ServerHello" message. 
  3. 3.Server certificate and key exchange. The server sends its digital certificate to the client. 
  4. 4.Client key exchange. The client responds with a "ClientKeyExchange" message, which often includes a pre-master secret encrypted with the server's public key. 
  5. 5.Certificate request. The server can also request a certificate from the client, ensuring mutual authentication.
  6. 6.Client and server finish. The client sends a "ChangeCipherSpec" message, signaling that it will start using the new encryption keys and algorithms. It then sends an "EncryptedHandshake” message to verify that the key exchange was successful. The server sends its own messages to confirm it has also switched to to the encrypted mode.