Secure Sockets Layer (SSL) and Transport Layer Security (TLS) are how most data is secured across the Internet. Every website you access over HTTPS is encrypted from the server to your browser with this technology. Emails between major providers are also secured this way.
Today, nearly every website and app uses TLS, not SSL. However, some people still call the technology “SSL”, even if it’s actually TLS under the hood.
Even though cryptography is complicated, understanding SSL/TLS isn’t. By the time you’re done reading this article, you’ll have a good understanding of what SSL/TLS is, what it’s used for, and how it works.
What is SSL?
SSL and TLS are technologies that encrypt data between a server and a client. Using SSL/TLS serves three purposes:
- Keeping data confidential in transit. Nobody between the server and client can read the contents of the data.
- Verifying and authenticating the identity of the website. With SSL/TLS, you know that the content you’re seeing actually came from the website in the URL bar.
- Preventing data tampering. As a result of the previous two features and a feature called the message authentication code (MAC), a malicious government or internet service provider can’t insert their own code or modify the page.
SSL and TLS are transport-layer protocols, so they allow other protocols to go on top. Both web browsing (using HTTPS) and email (using SMTP) can be used over TLS.
How does SSL/TLS work?
A TLS connection involves three steps:
- It starts with the TLS handshake, in which the server and client make a secure connection with asymmetric (public-key) cryptography.
- The server and client agree upon a secret key and exchange it over the secure connection. All communication from here on out is encrypted symmetrically using the secret key.
- The protocol on top of TLS—like web or email—sends its data over this symmetrically-encrypted channel.
The TLS Handshake
To set up the connection, the server and client have to be able to communicate securely. However, if they haven’t communicated over a secure channel previously, they won’t have an encryption key to use. The question is: how can the server and client agree on a key without an eavesdropper being able to figure out what it is?
This is where asymmetric encryption, using public-key cryptography, comes into play. Symmetric encryption uses the same key for both parties; with asymmetric encryption, this is not so. The server has two long-term keys involved in the handshake: a public key, which is shared with everyone, and a private key, which is kept confidential.
Using some clever math, data encrypted with the server’s public key can only be decrypted with its private key. Similarly, data encrypted with the private key can only be decrypted with the public key.
This allows the server and client to exchange a large random number. From the random number, each side derives the session key, used for all later communication.
What is an SSL Certificate?
A certificate is a special file, stored on a website’s server, that contains its public key and some information about the website. Browsers download the server’s certificate to get its public key as part of the handshake process.
SSL/TLS uses a centralized certificate issuance system. Certificate authorities generate certificates for their customers. While you can generate your own certificate (called a self-signed certificate), it won’t work for most purposes because browsers don’t trust certificates that aren’t from trusted certificate authorities.
Your computer, smartphone, and every other device you use contains a trust store, which is where root certificates are stored. The private keys to these root certificates are stored in vaults under heavy security. That’s because root certificates are the “root” of the chain of trust.
Root certificates sign intermediate certificates owned by certificate authorities (CAs). The certificates that websites use are signed by an intermediate.
What’s the point of having certificates that sign certificates? It’s so that certificates can be revoked if a compromise occurs. If a hacker gets access to a trusted certificate’s private key, they can impersonate the website in question. If they steal a CA’s private key, the security of every single website downstream is compromised.
Although certificates can be manually revoked, they always have an expiration date as well. CAs always issue certificates such that end-user certificates expire before intermediates, which expire before roots.
Types of SSL/TLS Certificates
There are three main types of SSL/TLS certificates:
- Domain Validated (DV) certificates. These certificates are issued without any vetting of the organization—only proof that the domain is owned by the certificate-holder.
- Organization Validated (OV) certificates. With these certificates, the CA performs a certain amount of vetting of the organization requesting the certificate.
- Extended Validation (EV) certificates. Organizations requesting EV certificates must go through a more comprehensive verification process, guaranteeing more authenticity than with DV or OV certificates.
Although OV and EV certificates have vetting requirements not present with DV certificates, each type of certificate uses the same TLS encryption. Traditionally, browsers display websites using EV certificates in a slightly different way. The padlock might be green instead of gray, or the organization name might be displayed next to the padlock. This can give users a greater sense of security when browsing sites with EV certificates.
Recently, browser vendors have determined that EV certificates “do not protect users as intended”. Chrome, Firefox, and Safari all moved from giving EV certificates prominent trust markings to making them appear no different than DV certificates.
Given that today’s browsers make EV certificates appear no different than DV certificates and EV requires a lot more money and paperwork, DV is the right option for most businesses. In fact, anyone can get a DV certificate for free from the nonprofit Let’s Encrypt.
An SSL/TLS certificate may take an hour to a week to be issued by a certificate authority. Most of the time, a CA will issue a certificate in a few hours. EV certificates take longer as a result of the verification process.
In essence, here’s the TLS process:
1. The TLS handshake
2. Client and server agree on a secret key
3. They exchange all other information
TLS replaces SSL completely. Although many people still use the word “SSL” to describe the family of technologies, TLS is what browsers and websites use today. SSL was vulnerable to a number of security issues, as were early versions of TLS. TLS 1.3 is the latest version of the protocol at the time of this writing.