When your computer or mobile device wants to connect to a website or service securely, it completes what is called a “handshake” process. This process is used to verify a few things and start the secure transmission of data.
Here are the steps that are taken:
- The client (computer/phone) opens with a “hello” message. This message contains some basic information, such as the SSL/TLS versions and ciphers that the client supports. A special “random key” is also generated and sent to the server.
- The server (website/online service) responds with the same kind of information, such as the SSL/TLS versions and ciphers that are supported. The server also generates a “random key”. The server will also provide its SSL Certificate to the client.
- Once the client has the certificate, it will take various steps to verify that the SSL Certificate is valid and the server is who it says it is.
- The client then generates another secret called the “pre-master secret”, which is sent to the server encrypted so that only the server can decrypt it. (Image courtesy of CloudFlare)
- The client and the server each derive the same unique session keys from these values, which will be used to protect and verify the information transferred between them.
- The client sends a “ready” message to the server, which is encrypted using the session key.
- The server sends a “ready” message to the client, which has also been encrypted using the session key.
As long as the process is successful, communication between the client and the server will continue using the session keys that were generated.
One thing to note here is the client and server will only use the highest and most secure version of SSL/TLS that they both support.
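The following Python script is an added example, not code from the article or from Cloudflare. It simulates the steps above in one process: version negotiation (highest version both sides support), the two random values, the pre-master secret, derivation of identical session keys on both sides, and the final “ready” (Finished) check. The key schedule follows the TLS 1.2 definitions in RFC 5246 (the HMAC-SHA256 PRF, the "master secret" and "key expansion" labels, and 12-byte Finished verify_data). The certificate check is out of scope here, so the pre-master secret is simply handed to both sides rather than encrypted under a server certificate; the message formats and the `tamper` switch are constructed for illustration.

```python
import hashlib
import hmac

# Version identifiers from the TLS record layer; the article's SSL/TLS versions.
VERSION_IDS = {"SSL 3.0": 0x0300, "TLS 1.0": 0x0301, "TLS 1.1": 0x0302, "TLS 1.2": 0x0303}


def prf(secret: bytes, label: bytes, seed: bytes, length: int) -> bytes:
    """TLS 1.2 PRF (RFC 5246 section 5): P_SHA256(secret, label + seed), cut to `length` bytes."""
    seed = label + seed
    out = b""
    a = seed  # A(0) = seed
    while len(out) < length:
        a = hmac.new(secret, a, hashlib.sha256).digest()            # A(i) = HMAC(secret, A(i-1))
        out += hmac.new(secret, a + seed, hashlib.sha256).digest()  # HMAC(secret, A(i) + seed)
    return out[:length]


def negotiate_version(client_versions, server_versions) -> str:
    """Pick the highest protocol version both peers advertise (the article's last point)."""
    common = set(client_versions) & set(server_versions)
    if not common:
        raise ValueError("no SSL/TLS version in common; handshake fails")
    return max(common, key=VERSION_IDS.__getitem__)


def derive_keys(pre_master: bytes, client_random: bytes, server_random: bytes) -> dict:
    """Both peers run this with the same three inputs and obtain identical session keys."""
    master = prf(pre_master, b"master secret", client_random + server_random, 48)
    # Key block sized for AES-128-GCM style keys and 4-byte implicit IVs (assumed cipher choice).
    block = prf(master, b"key expansion", server_random + client_random, 40)
    return {
        "master": master,
        "client_write_key": block[0:16],
        "server_write_key": block[16:32],
        "client_write_iv": block[32:36],
        "server_write_iv": block[36:40],
    }


def finished_verify_data(master: bytes, label: bytes, transcript: bytes) -> bytes:
    """verify_data for a Finished message: PRF over the hash of every handshake message seen so far."""
    return prf(master, label, hashlib.sha256(transcript).digest(), 12)


def run_handshake(client_versions, server_versions, client_random, server_random,
                  pre_master, tamper=False) -> dict:
    """Simulate the exchange; `tamper=True` models an on-path change to the ClientHello in flight."""
    version = negotiate_version(client_versions, server_versions)
    # Constructed message encodings (not real TLS wire format), enough to bind the transcript.
    client_hello = b"ClientHello|" + version.encode() + b"|" + client_random
    server_hello = b"ServerHello|" + version.encode() + b"|" + server_random
    # What the server actually received may differ from what the client sent.
    received_client_hello = client_hello if not tamper else client_hello.replace(b"|", b"!", 1)

    client_transcript = client_hello + server_hello
    server_transcript = received_client_hello + server_hello

    # Each side independently derives session keys from the same secrets.
    client_keys = derive_keys(pre_master, client_random, server_random)
    server_keys = derive_keys(pre_master, client_random, server_random)

    # Client "ready": computed over the client's view, checked against the server's view.
    client_fin = finished_verify_data(client_keys["master"], b"client finished", client_transcript)
    client_fin_ok = hmac.compare_digest(
        client_fin, finished_verify_data(server_keys["master"], b"client finished", server_transcript))

    # Server "ready": computed over the server's view, checked against the client's view.
    server_fin = finished_verify_data(server_keys["master"], b"server finished", server_transcript)
    server_fin_ok = hmac.compare_digest(
        server_fin, finished_verify_data(client_keys["master"], b"server finished", client_transcript))

    return {
        "version": version,
        "keys_match": client_keys == server_keys,
        "client_finished_ok": client_fin_ok,
        "server_finished_ok": server_fin_ok,
        "established": client_fin_ok and server_fin_ok,
    }


if __name__ == "__main__":
    # Fixed, constructed randoms and pre-master secret so the run is reproducible.
    result = run_handshake(["TLS 1.0", "TLS 1.1", "TLS 1.2"], ["TLS 1.1", "TLS 1.2"],
                           b"\x01" * 32, b"\x02" * 32, b"\x03" * 48)
    print(result)
    print(run_handshake(["TLS 1.0", "TLS 1.1", "TLS 1.2"], ["TLS 1.1", "TLS 1.2"],
                        b"\x01" * 32, b"\x02" * 32, b"\x03" * 48, tamper=True))
```

The two “ready” messages are the part of the handshake that matters for a defender: because each side's verify_data covers every handshake message it saw, any modification of the hello messages in transit (for example an attempt to make the peers settle on a lower version) produces a mismatch and the handshake is abandoned before any application data is sent. In real TLS the Finished messages are additionally sent encrypted under the new session keys; this simulation only compares the verify_data values.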