What is SSL/TLS encryption?
Transport Layer Security (TLS) is a protocol for encrypting data that is sent over the Internet. TLS grew out of Secure Sockets Layer (SSL), the first widely-adopted web encryption protocol, in order to fix most of the earlier protocol’s security flaws. The industry still uses the terms somewhat interchangeably for historical reasons. Any web site that you visit starting with https:// rather than http:// is using TLS/SSL for communication between a browser and a server.
Proper encryption practices are a necessity in order to prevent bad actors from accessing important data. Because the Internet is designed in such a way that data is transferred across many locations, it is possible to intercept packets of important information as they move across the globe. Through the utilization of a cryptographic protocol, only the intended recipient is able to decode and read the information and intermediaries are prevented from decoding the contents of the transferred data.
The TLS protocol is designed to provide 3 components:
- Authentication – The ability to verify the validity of the provided identifications
- Encryption – The ability to obfuscate information sent from one host to another
- Integrity – The ability to detect forgery and tampering