About us

Certifications

Memberships

Commitment

Industries

PRESS

Career

Contact us

Uncategorized

The History of SSL/TLS: Part 1 – Basics of SSL and TLS

The History of SSL/TLS: Part 1 – Basics of SSL and TLS

Even if at least they know it, SSL and especially TLS are the protocols we use most often on the Internet. SSL and its successor TLS are protocols which are used to encrypt our surfing on the Internet. They are also the ones that turn the “http” in our address bar into “https“. In the following we want to talk about the basics of SSL and TLS.

Basics of SSL and TLS – Function

Encrypted aware7.de Website
Encrypted aware7.de Website

SSL and TLS form the basis for secure data transmission when surfing. Our web browsers use these protocols to establish a secure connection to a website through encryption. This is to ensure that our data cannot be read or changed during transmission. The SSL (“Secure Socket Layer”) protocol has now been replaced by the standardized successor TLS (“Transport Layer Security”). Although TLS is the successor of SSL, the term SSL is still used today due to its popularity.

The most used protocol on the Internet

The Transparenzbericht published by Google shows that 91% of all Google searches in Germany are currently encrypted. Likewise the statistics of the certification authority Let’s Encrypt, here in the Blog already presented , show that over 180 million certificates for the encryption of web pages were created there in the last 3 years. Finally a study of the network equipment company Sandvine shows that in 2018 more SSL/TLS encrypted connections were used than unencrypted ones.

Basics of SSL and TLS – Protection Objectives

Encryption and security while surfing the Internet takes place between the browser and the website. The main tasks of SSL and TLS during this communication are the following:

  • The authentication of the website – I really surf with aware7.de?
  • The confidentiality of the data – only aware7.de and my browser know which data is transferred?
  • The integrity of the data – Were the transmitted data not changed during the transmission?

These questions are to be solved by the use of SSL and TLS. Therefore a certificate is exchanged between the web browser and the web page each time a web page is called. This certificate is then checked for validity by the browser. If this check fails, we as the user receive a warning from the browser. In such a case it is not recommended to continue surfing on the respective website.

SSL and TLS are therefore used to protect our connection to a website from being read and manipulated. Therefore you use certificates to ensure who is communicating with and to establish a secure connection. To understand how this works, in the next part of this series we will look more closely at certificates and their use.

Photo of author

Chris Wojzechowski

Mein Name ist Chris Wojzechowski und ich habe vor wenigen Jahren meinen Master in Internet-Sicherheit in Gelsenkirchen studiert. Ich bin geschäftsführender Gesellschafter der AWARE7 GmbH und ausgebildeter IT-Risk Manager, IT-Grundschutz Praktiker (TÜV) und besitze die Prüfverfahrenskompetenz für § 8a BSIG. Unser Brot und Buttergeschäft ist die Durchführung von Penetrationstests. Wir setzen uns darüber hinaus für ein breites Verständnis für IT-Sicherheit in Europa ein und bieten aus diesem Grund den Großteil unserer Produkte kostenfrei an.

AWARE7 GmbH

Munscheidstr. 14
45886 Gelsenkirchen

Tel. +49 (0) 209 - 8830 6760
Fax. +49 (0) 209 - 8830 6769
Mail info@aware7.de

Opening hours
Monday - Friday
8:00 - 17:00

COMPANY

About us

Certifications

Memberships

Commitment

Code of Conduct

Career

Contact us

AWARENESS

Live Hacking Show

Managed Phishing Simulation

RESOURCES

IT-Security Blog

Media package

Success Stories

OFFENSIVE SERVICES

Penetration test

Vulnerability scan

IT security emergency

360° SME analysis

CONTACT

Contact form

Call for proposal (CfP)

CONSULTING

ISMS consulting

External information security officer

Imprint Privacy policy
Directions

All prices incl. VAT.