Components of TLS:
- Encryption:
- Purpose: Hides the data so outsiders can’t understand it.
- Example: Imagine putting your message in a locked box so others can’t peek inside.
- Authentication:
- Purpose: Makes sure the parties exchanging information are who they say they are.
- Example: Checking someone’s ID to confirm their identity before sharing secrets.
- Integrity:
- Purpose: Verifies that the data hasn’t been changed or tampered with.
- Example: Making sure the sealed envelope you receive hasn’t been opened or altered.
Working of TLS:
TLS Handshake:
- Purpose: Kickstarts the secure connection.
- Example: Shaking hands before starting a secret conversation.
Cipher Suite:
- Purpose: Decides the rules for the secure conversation.
- Example: Agreeing on a secret language and codes to communicate securely.
Public Key Cryptography:
- Purpose: Setting up secret codes without sharing them openly.
- Example: Sending a secret code that only the intended recipient can understand.
Authentication (using Public Keys):
- Purpose: Confirming the identity of the server.
- Example: Showing a special badge to prove you are who you say you are.
Message Authentication Code (MAC):
- Purpose: Adds a seal to ensure the message hasn’t been tampered with.
- Example: Putting a unique stamp on a letter to show it hasn’t been opened.
Verification:
- Purpose: Checking the seal to confirm the message is intact.
- Example: Making sure the stamp is genuine before trusting the contents of the letter.