Transport Layer Security (TLS)
Transport Layer Security (TLS) is a cryptographic protocol that provides end-to-end encryption, authentication, and data integrity for communications over a network.
TLS is the successor to Secure Sockets Layer (SSL) and is the most widely deployed security protocol on the internet today. When you see HTTPS in your browser address bar, TLS is the underlying protocol securing the connection between your browser and the web server.
TLS operates by performing a handshake between client and server, during which they agree on a cipher suite, authenticate the server (and optionally the client) using digital certificates, and establish a shared session key for symmetric encryption. This layered approach ensures that even if an attacker intercepts the traffic, they cannot read or modify the data without the session key.
Modern implementations should use TLS 1.2 or TLS 1.3, as earlier versions (TLS 1.0, 1.1, and all SSL versions) contain known vulnerabilities. TLS 1.3 in particular offers significant improvements including a simplified handshake, mandatory perfect forward secrecy, and removal of legacy cryptographic algorithms. Organizations should regularly audit their TLS configurations to ensure they are not using deprecated cipher suites or protocol versions that could expose them to downgrade attacks or other exploits.