RF Wireless World

TLS vs SSL | Difference between TLS and SSL encryption types

This page compares TLS vs SSL and mentions difference between TLS and SSL encryption types. This page on TLS vs SSL also describes difference between TLS versions TLS 1.0, TLS 1.1, TLS 1.2 and SSL versions SSL V1, SSL V2, SSL V3 and SSL V3.1.

Introduction :
Both TLS and SSL operates on top of the TCP layer but below the application layer. It can be considered as top sublayer for the Layer-4. SSL and TLS both are encryption protocols. They provide data communication security over computer network. There are different versions of these protocols. They are widely used in email, web, VoIP and other messaging applications.

These protocols are used in client server applications developed to provide communication across network without any intrusion and tampering.

Both TLS and SSL encryption protocols provide a secure transport connection between applications (e.g. web server and browser). The main goal of TLS/SSL is following:
• Establish session by agreeing on algorithms, sharing secrets and performing authentication.
• Transfer application data with the use of symmetric encryption and data integrity (e.g. keyed message authentication code).

What is TLS Encryption

• TLS stands for Transport Layer Security.
• TLS uses record protocol to transfer application and TLS information.
• A session is established using handshake protocol.

Other layers of TLS are same as SSL and TLS 1.0 is equivalent to SSL V3.1. These have been depicted in the figure above.

Difference between TLS Versions-TLS 1.0, TLS 1.1, TLS 1.2

Following table mentions features of TLS versions e.g. TLS 1.0, TLS 1.1 and TLS 1.2.

What is SSL Encryption

SSL stands for Secure Socket Layer. It was developed by Netscape. SSL including various components such as handshake protocol, record protocol, alert protocol and change cipher spec protocol. Following are the functions of these SSL components.
• SSL Handshake protocol does negotiation of security algorithms & parameters, does key exchange, does server authentication and optionally client authentication.
• SSL record protocol does fragmentation, compression, message authentication and integrity protection and encryption.
• SSL alert protocol provides error messages i.e. fatal alerts and warnings.
• SSL Change Cipher Spec Protocol is a single message which indicates end of SSL handshake protocol.

The figure above depicts processing of the application layer data by SSL record protocol. As shown there three major functions performed by the SSL record protocol viz. fragmentation, compression and message authentication and encryption.

Following are the descriptions of the header fields.
• type:
-the higher level protocol used to process the enclosed fragment
-possible types: •change_cipher_spec •alert •handshake •application_data
• version
-SSL version, currently 3.0 • length
-length (in bytes) of the enclosed fragment or compressed fragment
-max value is 2¹⁴ + 2048

Difference between SSL Versions-SSL V1, SSL V2, SSL V3, SSL V3.1

Following table mentions features of SSL versions e.g. SSL V1, SSL V2, SSL V3 and SSL V3.1.

In order to understand basics of TLS vs SSL i.e. difference between TLS and SSL, also refer SSL vs SSH >> , SSL Handshake vs SSH Handshake >> and TLS vs DTLS >>.

Networking related links

Basics of OSI and TCPIP layers
Networking Gateway
What is Router
What is an IP address
network switch
network bridge
Hub and Types of Hub
What is MAC address

What is Difference between

hub Vs switch  circuit switching Vs packet switching  firewall Vs router  HDLC Vs PPP  IGRP Vs EIGRP  router Vs bridge  switch Vs router  WLAN Vs Ethernet LAN  LAN vs WAN vs MAN 

RF and Wireless Terminologies