What is the SSL handshake (for dummies) and how does it help secure HTTPS?

The SSL handshake is the negotiation between two parties, the client (web browser) and the server (web server), that lets them communicate through a secure and encrypted channel or tunnel. It is also known as the TLS handshake. The word ‘handshake’ refers to two parties that do not know each other meeting for the first time. The other name of the handshake is HTTP Persistent Connection (keep alive).


The SSL/TLS handshake involves a series of steps: identifying and verifying both parties, agreeing on which cipher suite will encrypt the communication and which TLS version to use, and establishing secure session keys before any data is transferred.


SSL/TLS Handshake Process:


  • The client initiates the conversation by sending a ‘Hello’ message to the server; the request contains the cipher suites and the maximum TLS version that it supports.

  • The server responds with the ‘Hello Done’ message which agrees on available cipher suites and TLS versions. In addition, the server sends the TLS or X.509 certificate with its public key.

  • The browser or client verifies the server’s certificate with the help of the public key of the server from the certifying authority (CA). The client also generates a random session key, known as the ‘pre-master key’, encrypts it using the server’s public key and sends it to the server. The asymmetric encryption happens in this stage of the handshake. The client also sends a ‘Finished’ message to the server along with the pre-master key.

  • The server uses its own private key to decrypt the pre-master key. At this point, public-key (asymmetric) encryption ends and is replaced with symmetric encryption.

  • Both client and server now hold the pre-master key and use it to compute a shared secret key, called a ‘shared secret’, ‘secret key’ or ‘symmetric key’. Both client and server then try to encrypt and decrypt a message or data using the symmetric key.

  • Now, the secret or symmetric key will be used for the bulk encryption and decryption of data.


Asymmetric encryption is used to establish the secure connection between the client and the server and to agree on the session keys, while symmetric encryption is then used for the bulk encryption and decryption of the data that is exchanged.


SSL, or Secure Socket Layer, is the standard security protocol for securing communication between the client and the server through an encrypted channel over the internet. SSL provides confidentiality, integrity and authentication to internet communications. A TLS handshake takes place whenever a user navigates to a website over HTTPS, including API calls and DNS over HTTPS queries. SSL works by ensuring that any data transferred between users and websites, or between two systems, remains impossible to read, using public key and private key encryption and other cryptographic functions.




