What is TLS Encryption?

Instructor: Sally Cornett

Sally has a BS in computer science and over 10 years of engineering and business experience.

In this lesson, we will provide a basic understanding of TLS (Transport Layer Security) Encryption and how to avoid ongoing challenges to TLS standards.


As a child, did you and a friend ever try to write messages in code in order to keep secrets from a pesky little brother or sister? If you did, you were using cryptography, which is the science of coding messages in order to keep them secure. At that time, what you probably accomplished more successfully than securing your message was motivating that annoying little kid to get serious about cracking your code. If you had known more about securing messages back then, maybe the mystery of the hidden teddy bear would still be an unsolved cold case in your family's archives. Today, with so much of our personal information traveling electronically (at our place of employment, between financial institutions, and in our purchase and credit histories), it is reassuring to know that modern cryptography keeps this information secure on our behalf.

What is TLS Encryption?

TLS stands for Transport Layer Security and is a method used to encrypt messages sent back and forth on a computer network between two devices. It is the current standard for message encryption and security. TLS encryption evolved from SSL (Secure Socket Layer) encryption, developed in the 1990s by Netscape. The standard has been revised several times as advances in technology have rendered earlier versions insecure. TLS uses two layers of protection: one is called the message protocol and the other is called the handshake protocol. The name of each makes it easy to remember specifically what is being secured.

Handshake Protocol

Handshake protocol is responsible for the authentication and key exchange required to establish secure electronic communications between a sender and receiver. As the name implies, think of the process as an electronic handshake. At the very beginning of an electronic communication, before the message or data is sent, the sending and receiving devices (the client and the server) determine what parameters will be used to secure the transmission. The client (sender) suggests a selection of ciphers (characters or symbols) and hash functions (memory addresses that indicate where data is stored). The server (receiver) selects options from the proposed list and notifies the sender what was selected in the form of a digital certificate. The digital certificate includes the name of the receiving server and that server's public encryption key. The client confirms that the certificate is valid and sends a random number back to the receiving server which is able to unlock that number with its private server key. This random number is known as the message authentication code (MAC) and only the client and the server sending and receiving the message know what the MAC is.

There may be several back and forth communications between the sender and receiver that are all considered part of the same communication. The MAC is what allows the devices at both ends of the communication to confirm the integrity and authenticity of each portion of the entire communication between devices. Once the server receives the MAC, the handshake process is complete and a secure connection is established.
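The negotiation described above, in which the client offers a list of cipher suites and the server picks one, can be seen in the first handshake message the client sends. The following is an added example, not code from the lesson: it encodes a minimal TLS 1.2 ClientHello record from constructed values, parses it back, and applies a server-side selection rule. The cipher-suite table is a small subset of the registered IANA code points; the random bytes and preference lists are constructed for the demonstration.

```python
import struct

# Small subset of registered TLS cipher-suite code points (IANA registry values).
CIPHER_SUITE_NAMES = {
    0x1301: "TLS_AES_128_GCM_SHA256",
    0x1302: "TLS_AES_256_GCM_SHA384",
    0xC02F: "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256",
    0xC030: "TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384",
    0x002F: "TLS_RSA_WITH_AES_128_CBC_SHA",
    0x0005: "TLS_RSA_WITH_RC4_128_SHA",
}


def build_client_hello(offered, client_random):
    """Encode a minimal TLS 1.2 ClientHello (no extensions) inside a handshake record."""
    if len(client_random) != 32:
        raise ValueError("client_random must be 32 bytes")
    suites = b"".join(struct.pack("!H", s) for s in offered)
    body = (
        b"\x03\x03"                                   # client_version: TLS 1.2
        + client_random                               # 32-byte client random
        + b"\x00"                                     # session_id length: 0
        + struct.pack("!H", len(suites)) + suites     # cipher_suites vector
        + b"\x01\x00"                                 # one compression method: null
    )
    handshake = b"\x01" + len(body).to_bytes(3, "big") + body   # type 1 = ClientHello
    return b"\x16\x03\x03" + struct.pack("!H", len(handshake)) + handshake  # type 0x16 = handshake


def parse_client_hello(record):
    """Decode the record produced above; every length field is checked before use."""
    if len(record) < 9 or record[0] != 0x16:
        raise ValueError("not a handshake record")
    if struct.unpack("!H", record[3:5])[0] != len(record) - 5:
        raise ValueError("record length mismatch")
    hs = record[5:]
    if hs[0] != 0x01:
        raise ValueError("not a ClientHello")
    hs_len = int.from_bytes(hs[1:4], "big")
    body = hs[4:4 + hs_len]
    if len(body) != hs_len:
        raise ValueError("handshake length mismatch")
    pos = 0
    version = struct.unpack("!H", body[pos:pos + 2])[0]
    pos += 2
    client_random = body[pos:pos + 32]
    pos += 32
    sid_len = body[pos]
    pos += 1
    session_id = body[pos:pos + sid_len]
    pos += sid_len
    suites_len = struct.unpack("!H", body[pos:pos + 2])[0]
    pos += 2
    if suites_len % 2 or pos + suites_len > len(body):
        raise ValueError("bad cipher_suites length")
    suites = [struct.unpack("!H", body[i:i + 2])[0] for i in range(pos, pos + suites_len, 2)]
    pos += suites_len
    comp_len = body[pos]
    pos += 1
    compression = list(body[pos:pos + comp_len])
    return {"version": version, "random": client_random, "session_id": session_id,
            "cipher_suites": suites, "compression": compression}


def server_select(offered, server_preference):
    """Pick the first suite in the server's own preference order that the client offered."""
    offered_set = set(offered)
    for suite in server_preference:
        if suite in offered_set:
            return suite
    raise ValueError("no common cipher suite; the handshake would be aborted")


if __name__ == "__main__":
    import os
    hello = build_client_hello([0x1302, 0x1301, 0xC030, 0xC02F, 0x002F], os.urandom(32))
    parsed = parse_client_hello(hello)
    print("client offered:", [CIPHER_SUITE_NAMES[s] for s in parsed["cipher_suites"]])
    chosen = server_select(parsed["cipher_suites"], [0xC030, 0xC02F])   # constructed server policy
    print("server selected:", CIPHER_SUITE_NAMES[chosen])
```

The server applies its own preference order rather than the client's, so a strong suite is chosen whenever both sides support one even if the client listed a weak suite first; a client offering only suites the server has disabled gets no connection at all.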

Message Protocol

Message protocol (also sometimes called record protocol) is responsible for securely packaging the message for delivery (think of choosing a safety envelope, sealing it, adding the destination address and licking the stamp). The message to be sent is broken into multiple data blocks. These blocks are then numbered and juggled to protect them from being intercepted and pieced back together by a hacker. Although the standard is considered to be robust in the world of today's technology, eventually the standard may be broken. After the message blocks are juggled, the message is compressed and encrypted according to the parameters previously agreed during the handshake protocol. Finally, it is sent through the secure connection to its destination. On receipt, the message protocol runs in reverse: the message is decrypted per the established handshake parameters, decompressed, the blocks of data are reassembled like a jigsaw puzzle, and the result is displayed as it was originally intended to be read.
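The numbering of blocks and the MAC from the handshake work together at the record layer: in TLS 1.2 each record's MAC is computed over a sequence number, the record header and the fragment, so a receiver notices a record that was altered, dropped, replayed or delivered out of order. The following is an added example, not code from the lesson; it demonstrates only the MAC step (HMAC-SHA256), leaving out the compression and encryption steps that the record protocol also performs. The MAC key and the message are constructed for the demonstration.

```python
import hashlib
import hmac
import struct

MAC_KEY = bytes.fromhex("00112233445566778899aabbccddeeff")   # constructed demo key only
VERSION = b"\x03\x03"          # TLS 1.2 record version
APPLICATION_DATA = 0x17        # record content type for application data
TAG_LEN = 32                   # HMAC-SHA256 output length


def record_mac(mac_key, seq_num, content_type, fragment):
    """MAC over seq_num(8) || type(1) || version(2) || length(2) || fragment (TLS 1.2 layout)."""
    header = (struct.pack("!Q", seq_num) + bytes([content_type]) + VERSION
              + struct.pack("!H", len(fragment)))
    return hmac.new(mac_key, header + fragment, hashlib.sha256).digest()


def protect(mac_key, seq_num, fragment):
    """Sender side: append the MAC tag to the fragment."""
    return fragment + record_mac(mac_key, seq_num, APPLICATION_DATA, fragment)


def verify(mac_key, seq_num, protected):
    """Receiver side: return the fragment if the tag is valid for this sequence number, else None."""
    if len(protected) < TAG_LEN:
        return None
    fragment, tag = protected[:-TAG_LEN], protected[-TAG_LEN:]
    expected = record_mac(mac_key, seq_num, APPLICATION_DATA, fragment)
    # constant-time comparison so tag checking does not leak timing information
    if not hmac.compare_digest(tag, expected):
        return None
    return fragment


class Receiver:
    """Tracks the next expected sequence number; the number never travels on the wire."""

    def __init__(self, mac_key):
        self.key = mac_key
        self.expected_seq = 0

    def receive(self, protected):
        fragment = verify(self.key, self.expected_seq, protected)
        if fragment is None:
            raise ValueError(
                f"record {self.expected_seq}: MAC check failed (tampered, replayed or out of order)")
        self.expected_seq += 1
        return fragment


def accepts(receiver, protected):
    """True if the receiver accepts the record, False if the MAC check rejects it."""
    try:
        receiver.receive(protected)
        return True
    except ValueError:
        return False


def split_message(message, block_size):
    """Break a message into fixed-size blocks, as the record layer does before protecting them."""
    return [message[i:i + block_size] for i in range(0, len(message), block_size)]


if __name__ == "__main__":
    blocks = split_message(b"The quick brown fox jumps over the lazy dog", 16)
    records = [protect(MAC_KEY, i, b) for i, b in enumerate(blocks)]
    rx = Receiver(MAC_KEY)
    print(b"".join(rx.receive(r) for r in records))          # reassembled in order
    print(accepts(Receiver(MAC_KEY), records[1]))             # out of order: False
    damaged = bytearray(records[0]); damaged[0] ^= 0x01
    print(accepts(Receiver(MAC_KEY), bytes(damaged)))         # one bit flipped: False
```

Because the sequence number is an input to the MAC but is never sent, an intercepted record cannot be re-sent later or slotted into a different position without the tag failing to verify.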

TLS Risks

The US National Security Agency (NSA) has a saying: "Attacks always get better; they never get worse". This is an indirect way of saying that just as technology advances, hacker attacks also become more sophisticated over time.

We can assume hackers (remember that tenacious little sibling?) will continually try to break into secure electronic transmissions. Therefore, we should keep the following things in mind about how to minimize TLS risks.
