CompTIA Security+ Tutorial: Module 06, Part 02 – TRANSPORT ENCRYPTION

Transport encryption protects communication between the client and the server: it prevents the disclosure of sensitive data and the manipulation of that data while it is being exchanged. It also prevents redirection, in which the communication is no longer taking place between the two expected parties.

This type of security encrypts data while it is in transit, and hence it is called transport encryption.

Transport Layer Security (TLS) and its predecessor, Secure Sockets Layer (SSL), are the two cryptographic protocols that provide secure communication over a network.

Transport Layer Security (TLS) is intended to provide privacy and data integrity between two communicating computer applications. When the connection between a client and a server is secured by TLS, it has one or more of the following properties:

  • The connection is private because symmetric cryptography is used to encrypt the data transmitted.
  • The identity of the communicating parties can be authenticated. This is optional, but it is generally required for one of the parties.
  • Message integrity can be checked using a message authentication code, so that alteration of the data during transmission is detected.
  • Careful configuration of TLS can provide a high level of security, with properties such as forward secrecy. TLS offers different ways to exchange keys, encrypt data, and authenticate message integrity.

On the other hand, the Secure Sockets Layer (SSL) is a computer authentication protocol that manages server authentication, client authentication, and encrypted communication between servers and clients.

Secure Sockets Layer

The Secure Sockets Layer uses a combination of symmetric-key encryption and public-key encryption to secure the connection between two machines, typically a server and a client communicating over the internet.

SSL runs over the TCP/IP protocol, which is responsible for the transport and routing of data. The "Sockets" part of the name refers to the sockets method of passing data back and forth between a client and a server program in a network.

The combination of TLS and SSL is the most widely deployed form of transport encryption and is found in applications such as web browsers. SSL alone contains two sub-protocols: a) the record protocol and b) the handshake protocol. These protocols allow the client to authenticate a server and establish an SSL connection.

In the initial handshake process, a server that supports SSL presents a digital certificate to the client to authenticate the server's identity. The authentication process uses public-key encryption to validate the digital certificate.

After the server has been authenticated, the client and server establish cipher settings and use a shared key to encrypt the information they exchange for the remainder of the session. The handshake also allows the client to authenticate itself to the server.

Key Difference between SSL and TLS:

The key difference between TLS and SSL is that TLS is a more secure and efficient protocol, owing to its message authentication, key material generation and supported cipher suites. TLS supports newer and more secure algorithms.
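The properties listed above (confidentiality, authentication of the server, integrity, forward secrecy) and the preference for TLS over legacy SSL versions are ultimately a matter of how the TLS client is configured. The following is an added example, not part of the original tutorial, using only Python's standard `ssl` module: it builds a hardened client context next to a weak one of the kind often found in quick scripts, and an audit function (my own, not a library API) that reports which properties a given context fails to guarantee.

```python
import ssl

# Added example (not from the tutorial): a hardened TLS client context, a
# weak one, and an audit that maps context settings to the TLS properties
# described in the text (privacy, authentication, integrity, forward secrecy).


def hardened_client_context() -> ssl.SSLContext:
    """Client context that refuses SSL/TLS below 1.2 and non-forward-secret suites."""
    ctx = ssl.create_default_context()            # CERT_REQUIRED + check_hostname on
    ctx.minimum_version = ssl.TLSVersion.TLSv1_2  # SSLv3 / TLS 1.0 / TLS 1.1 refused
    # Ephemeral ECDH key exchange only, so a later compromise of the server's
    # long-term key cannot decrypt recorded sessions. TLS 1.3 suites stay enabled.
    ctx.set_ciphers("ECDHE+AESGCM:ECDHE+CHACHA20")
    return ctx


def weak_client_context() -> ssl.SSLContext:
    """Context with certificate checks switched off; the server is never authenticated."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    ctx.check_hostname = False                    # must be cleared before CERT_NONE
    ctx.verify_mode = ssl.CERT_NONE               # any certificate is accepted
    return ctx


def _forward_secret(cipher: dict) -> bool:
    # TLS 1.3 suites always use ephemeral (EC)DHE; in TLS 1.2 the name says so.
    return cipher["protocol"] == "TLSv1.3" or cipher["name"].startswith(("ECDHE-", "DHE-"))


def audit_tls_context(ctx: ssl.SSLContext) -> list:
    """Return a list of findings; an empty list means every check passed."""
    findings = []
    if ctx.minimum_version < ssl.TLSVersion.TLSv1_2:
        findings.append("protocol versions below TLS 1.2 allowed")
    if ctx.verify_mode != ssl.CERT_REQUIRED:
        findings.append("server certificate verification disabled")
    if not ctx.check_hostname:
        findings.append("hostname not checked against the certificate")
    if any(not _forward_secret(c) for c in ctx.get_ciphers()):
        findings.append("cipher suites without forward secrecy enabled")
    return findings


if __name__ == "__main__":
    for label, ctx in (("hardened", hardened_client_context()),
                       ("weak", weak_client_context())):
        print(label, audit_tls_context(ctx) or ["ok"])
```

Pass any `ssl.SSLContext` from your own code to `audit_tls_context` to see which of the tutorial's properties it actually enforces; the hardened context returns no findings.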