Sunday, May 5, 2024

TLS 1.2 Architecture

The architecture of TLS (Transport Layer Security) 1.2 is defined in RFC 5246. As shown in the diagram, TLS 1.2 has 4 phases of execution.

1. Record layer (over TCP)

The record layer is the underlying transport mechanism of TLS: it runs over TCP and is responsible for encapsulating the higher-level protocols (handshake, alert, change cipher spec and application data).

2. Certificate Exchange

In mutual authentication scenarios, the client and server exchange and verify each other's certificates, and the shared keys are generated on the basis of that verified identity.

3. Key Exchange

The key exchange method depends on the negotiated cipher suite. The client and server then establish a pre-master secret and exchange it securely.

4. Final Data Transmission

Both the client and server switch to the derived keys and exchange encrypted messages to confirm that the handshake succeeded. From then on, client requests and server responses continue over the secured channel.

A C# demonstration of this flow is available in the GitHub repository gsenthilvel/tls-demo (github.com).
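The following Python script is an added example, not code from the original post or from the gsenthilvel/tls-demo repository. It illustrates two of the phases above in a form that can be run offline: the record layer (phase 1) encapsulating a ClientHello handshake message, parsed from constructed sample bytes with every length field checked before it is used, and the key-derivation step of phase 3, where the TLS 1.2 PRF (HMAC-SHA256 based P_hash from RFC 5246 section 5) turns the pre-master secret and the two hello randoms into the 48-byte master secret (section 8.1). The sample record, the client random and the pre-master secret are constructed values; the two cipher suite identifiers are real IANA code points.

```python
"""Added example (not from the original post or the tls-demo repo):
TLS 1.2 record/ClientHello parsing and master-secret derivation."""
import hashlib
import hmac
import struct

CONTENT_TYPE_HANDSHAKE = 22   # record-layer ContentType.handshake
HANDSHAKE_CLIENT_HELLO = 1    # HandshakeType.client_hello
MAX_RECORD_LEN = 2 ** 14      # TLSPlaintext.length limit, RFC 5246 6.2.1


def parse_client_hello(body: bytes) -> dict:
    """Parse client_version, random, session_id and cipher_suites from a
    ClientHello body; compression methods and extensions are ignored."""
    if len(body) < 35:
        raise ValueError("ClientHello shorter than version+random+session_id length")
    version = (body[0], body[1])
    client_random = body[2:34]
    sid_len, pos = body[34], 35
    session_id = body[pos:pos + sid_len]
    pos += sid_len
    if len(body) < pos + 2:
        raise ValueError("cipher_suites length missing")
    (cs_len,) = struct.unpack("!H", body[pos:pos + 2])
    pos += 2
    suites_raw = body[pos:pos + cs_len]
    if cs_len % 2 or cs_len < 2 or len(suites_raw) != cs_len:
        raise ValueError("cipher_suites vector malformed or truncated")
    suites = [struct.unpack("!H", suites_raw[i:i + 2])[0] for i in range(0, cs_len, 2)]
    return {"client_version": version, "client_random": client_random,
            "session_id": session_id, "cipher_suites": suites}


def parse_record(data: bytes) -> dict:
    """Parse one TLS record: the 5-byte header, then the handshake header it
    carries. A truncated or oversized record raises ValueError rather than
    being read past the end of the buffer."""
    if len(data) < 5:
        raise ValueError("record header truncated")
    content_type, major, minor, length = struct.unpack("!BBBH", data[:5])
    if length > MAX_RECORD_LEN:
        raise ValueError("record length exceeds 2^14")
    body = data[5:5 + length]
    if len(body) != length:
        raise ValueError("record body truncated")
    rec = {"content_type": content_type, "version": (major, minor), "length": length}
    if content_type == CONTENT_TYPE_HANDSHAKE:
        if len(body) < 4:
            raise ValueError("handshake header truncated")
        hs_type, hs_len = body[0], int.from_bytes(body[1:4], "big")
        hs_body = body[4:4 + hs_len]
        if len(hs_body) != hs_len:
            raise ValueError("handshake body truncated")
        rec["handshake_type"] = hs_type
        if hs_type == HANDSHAKE_CLIENT_HELLO:
            rec.update(parse_client_hello(hs_body))
    return rec


def p_hash(secret: bytes, seed: bytes, length: int) -> bytes:
    """P_SHA256 from RFC 5246 section 5: A(i) = HMAC(secret, A(i-1)), A(0) = seed,
    output = HMAC(secret, A(1) + seed) || HMAC(secret, A(2) + seed) || ..."""
    out, a = b"", seed
    while len(out) < length:
        a = hmac.new(secret, a, hashlib.sha256).digest()
        out += hmac.new(secret, a + seed, hashlib.sha256).digest()
    return out[:length]


def prf(secret: bytes, label: bytes, seed: bytes, length: int) -> bytes:
    """TLS 1.2 PRF: PRF(secret, label, seed) = P_SHA256(secret, label + seed)."""
    return p_hash(secret, label + seed, length)


def derive_master_secret(pre_master_secret: bytes, client_random: bytes,
                         server_random: bytes) -> bytes:
    """RFC 5246 8.1: master_secret = PRF(pre_master_secret, "master secret",
    ClientHello.random + ServerHello.random)[0..47]."""
    return prf(pre_master_secret, b"master secret", client_random + server_random, 48)


# Constructed sample: a ClientHello offering TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
# (0xC02F) and TLS_RSA_WITH_AES_128_GCM_SHA256 (0x009C), wrapped in one record.
SAMPLE_CLIENT_RANDOM = bytes(range(32))
_hello_body = (b"\x03\x03" + SAMPLE_CLIENT_RANDOM + b"\x00"     # version, random, empty session_id
               + struct.pack("!H", 4) + b"\xc0\x2f\x00\x9c"    # cipher_suites (2 entries)
               + b"\x01\x00")                                  # compression_methods: null only
_handshake = bytes([HANDSHAKE_CLIENT_HELLO]) + len(_hello_body).to_bytes(3, "big") + _hello_body
SAMPLE_RECORD = (bytes([CONTENT_TYPE_HANDSHAKE, 3, 1])         # record version 3.1 for compatibility
                 + struct.pack("!H", len(_handshake)) + _handshake)

if __name__ == "__main__":
    rec = parse_record(SAMPLE_RECORD)
    print("suites offered:", [hex(s) for s in rec["cipher_suites"]])
    ms = derive_master_secret(b"\x11" * 48, SAMPLE_CLIENT_RANDOM, bytes(range(32, 64)))
    print("master secret:", ms.hex())
```

The parser checks each declared length against the bytes actually present, which is the check a record-layer implementation must make before trusting any field from the peer; the PRF functions are the same ones a TLS 1.2 stack uses afterwards to expand the master secret into the session keys, only with a different label and seed.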
