Listen to Episode 5 of the Product Management Leaders Podcast to uncover strategies and tactics for building world-class products.
Since people began exchanging data over the Internet, it became necessary to protect information from hackers. There are various protocols designed to ensure that fraudsters are unable to see what you transfer. This article explains what TLS is and how it works.
What is TLS?
TLS stands for Transport Layer Security. It is a cryptographic protocol providing end-to-end security for all types of data sent between users.
If a URL link begins with ‘https,’ your browser establishes a connection via TLS. Moreover, TLS can be used while sending emails, files, conducting audio/video conferences, and implementing IP telephony.
Voximplant uses Session Initiation Protocol (SIP) to manage communications such as video and audio calls. Our SIP system supports TLS to protect communications between customers.
The protocol evolved from its predecessor, SSL, which was launched by Netscape in 1995. Initial SSL versions had security drawbacks that eventually led to complete redesign of the protocol. In January 1999, IETF introduced TLS 1.0 which was similar to SSL 3.0.
The next version of the protocol was released in August 2008. Thus far, TLS 1.2 along with TLS 1.1 are still the most widely used versions. In August 2018, IETF finally published TLS 1.3.
The Importance of TLS
Every day, sensitive information is transmitted over the Internet. Without encryption, email correspondence, credit card data, passwords, and conference calls can be easily viewed by hackers. To avoid data leakage, TLS uses encryption algorithms that make data invisible to third parties.
Popular browsers such as Chrome, Edge, Internet Explorer, Firefox, and Safari support TLS by default. Nonetheless, the use of TLS in some websites, email services, and messengers is still not implemented. If such services don’t indicate a secure mode like a padlock icon on the left side of the address bar, users’ private data can be exposed.
That’s why it’s highly recommended for clients to check their browsers’ compatibility with the final version of TLS 1.3. For complete security, it is important to use it in conjunction with a publicly trusted X.509 Public Key Infrastructure (PKI) and preferably DNSSEC as well.
How does TLS work?
TLS includes a combination of symmetric and asymmetric cryptographics since it provides a good compromise between performance and security when transferring data securely.
Symmetric cryptography relates to the process whereby communication parties share a common session key to encrypt and decrypt data. This approach doesn’t require huge computing resources. The problem arises when you need to share this key confidentially.
In asymmetric cryptography, each party has a pair of keys, both private and public. They are mathematically linked with each other. This approach enables the sender to encrypt data using the recipient public key. In turn, a sender can decrypt data only via his private key.
The biggest advantage of asymmetric cryptography is that you don’t need security to share a public key. The recommended minimum key length is 1024 bits, with 2048 bits preferred because this is up to a thousand times more computationally intensive than symmetric keys of equivalent strength. This makes asymmetric encryption too slow.
As a result, TLS uses asymmetric encryption only for generating and sharing the session key. Once the key is created, it allows the sender to first encrypt the data and then the recipient to decrypt it. When the session ends, the session key is automatically deleted.
The process whereby session keys are exchanged is called a handshake since it's the moment when the two communicating endpoints introduce themselves to each other.
TLS handshake process
The TLS handshake protocol initiates the communication session. Under the hood, there are a series of datagrams, or messages, exchanged by clients and servers. This is how it works:
- The ‘client hello’ message: The client starts a handshake by sending a message, including the client’s capabilities and a random number.
- The ‘server hello’ message: In turn, the server sends a message with a certificate, selected connection parameters, and a random number generated by the server.
- Authentication: The client checks the server’s certificate. This ensures that the client is interacting with the actual owner of the domain.
- The premaster secret: The client sends an encrypted ‘premaster secret,’ a random byte string.
- Session key generation: During this stage, a new layer of privacy is added. Both the client and the server create session keys from the client random number, the server random number, and the premaster secret.
- The ‘finished’ messages: If the client and the server received the same results, they send to each other the ‘finished’ message encrypted with a session key.
This completes the TLS handshake process! Now, the client and server can proceed with communicating over a secure channel.
Previously, we mentioned that during the authentication stage, the client receives a certificate from the server and checks it for validity. A certificate is a crucial element of the TLS handshake that needs to be described in detail.
A Certificate Authority (CA) is an entity that issues certificates. You can compare CA with a notary whose job is to confirm that the signature on the certificate data is authentic. CA acts as a trusted third-party confirming to TLS clients that they are establishing a connection with a validated server.
Each entity that wants to offer services encrypted by TLS must buy certificates from CAs, who, in turn, verify that the organizations are who they claim to be. Thus, if you want to secure your website with TLS, you’ll have to prove to a CA that you control your domain. Such an approach can prevent third-party hacking.
There are three types of TLS certificates. Commonly, they differ in the provided level of security.
- Domain-validated SSL certificate (DV): Ensures only that the domain name was registered by sending an authentication link to an address that should be responsible for the domain. This doesn’t confirm a legal entity's connection to the domain, so this certificate is the most vulnerable to attacks. Thus, DVs are used only in internal systems.
- Organization-validated certificate (OV): Requires the domain to prove ownership, as well as additional checks such as organization name and state and country, using public databases. It’s recommended that smaller companies use OVs.
- Extended validation certificate (EV): Requires the most thorough validation process since there are additional checks on the legal establishment, physical location, and the identity of the individuals. EV’s special feature is a green padlock on the left of the address bar to indicate a high level of security. EV certificates are recommended for e-commerce businesses.
Of course, CAs don’t guarantee the complete security of TLS. There have been cases when CAs were tricked into issuing fake certificates. To avoid such cases, the DANE protocol was implemented. If DANE detects that a browser does not use a specified certificate, it alerts users that their connection is insecure.
TLS vs. SSL
TLS is an advanced modification of SSL that is about 25 years old. If we compare SSL 2.0 to TLS 1.3, there would be a huge technological gap.
TLS is more efficient and secure than its predecessor since it has stronger message authentication, key material generation, and other encryption algorithms. For instance, TLS uses pre-shared keys, public-key encryption, and secure remote passwords while SSL does not. The two protocols are not interoperable but TLS is backwards-compatible for devices still using SSL.
Some users continue to refer to the TLS protocol as ‘SSL encryption.’ This term has become widespread and is usually used by vendors that offer TLS security although the latest version of SSL was declared obsolete in 2015.
TLS 1.3 was made more secure and faster than its predecessors. It has been less than two years since the last version was released and only one attack vulnerability was identified during this time.
In 2019, research found a vulnerability in TLS 1.3 security which allows hackers to intercept encrypted traffic to steal data using a variation of the original Bleichenbacher Oracle attack.
Except for this case, there are only a few minor flaws with TLS:
- Page load time: TLS causes web pages to load more slowly. In TLS 1.3, the complete handshake takes around 100ms. This may seem insignificant but, according to Amazon’s survey, every additional 100ms of page load time decreases sales by 1%.
- Plugin problems: Many plugins weren’t built with an HTTPS transition in mind. This may lead to errors that could be resolved by either removing or updating the plugin.
- Social share plugins: Using insecure pop-ups on a website connected to TLS can cause content errors or browser security warnings.
- Increased costs: If you want to protect your website, it can be expensive to purchase a certificate. The final price depends on the number of domains and subdomains that the TLS certificate will cover. The average cost for one organization is about $100 US per year.
You can find out more about how vulnerabilities are eliminated in SIP communications here.
The TLS 1.3 protocol was launched less than two years ago and the adoption rate is growing rapidly. According to an IETF survey, the percentage of TLS 1.3 connections amongst Chrome, Firefox, and Safari was about 30% at the end of 2019 indicating that some companies are still using obsolete and insecure protocols.
TLS is definitely one of the best encryption methods available and the widespread adoption of the protocol will make the Internet, and especially SIP telephony, a safer place. Looking ahead, TLS has a bright future.