TLS vs SSL | Difference between TLS and SSL encryption types
This page compares TLS vs SSL and mentions difference between TLS and SSL encryption types. This page on TLS vs SSL also describes difference between TLS versions TLS 1.0, TLS 1.1, TLS 1.2 and SSL versions SSL V1, SSL V2, SSL V3 and SSL V3.1.
Both TLS and SSL operates on top of the TCP layer but below the application layer. It can be considered as top sublayer for the Layer-4. SSL and TLS both are encryption protocols. They provide data communication security over computer network. There are different versions of these protocols. They are widely used in email, web, VoIP and other messaging applications.
These protocols are used in client server applications developed to provide communication across network without any intrusion and tampering.
Both TLS and SSL encryption protocols provide a secure
transport connection between applications
(e.g. web server and browser).
The main goal of TLS/SSL is following:
• Establish session by agreeing on algorithms, sharing secrets and performing authentication.
• Transfer application data with the use of symmetric encryption and data integrity (e.g. keyed message authentication code).
What is TLS Encryption
• TLS stands for Transport Layer Security.
• TLS uses record protocol to transfer application and TLS information.
• A session is established using handshake protocol.
Other layers of TLS are same as SSL and TLS 1.0 is equivalent to SSL V3.1. These have been depicted in the figure above.
Difference between TLS Versions-TLS 1.0, TLS 1.1, TLS 1.2
Following table mentions features of TLS versions e.g. TLS 1.0, TLS 1.1 and TLS 1.2.
|TLS 1.0||It is defined in RFC 2246, in the year 1999. It is upgrade of SSL V3.0.|
|TLS 1.1||It was defined in RFC 4346 (April 2006). It is upgrade version of TLS V1.0. It adds protection against CBC attacks.|
|TLS 1.2||It was defined in RFC 5246 (August 2008).|
What is SSL Encryption
SSL stands for Secure Socket Layer. It was developed by Netscape.
SSL including various components such as handshake protocol,
record protocol, alert protocol and change cipher spec protocol.
Following are the functions of these SSL components.
• SSL Handshake protocol does negotiation of security algorithms & parameters, does key exchange, does server authentication and optionally client authentication.
• SSL record protocol does fragmentation, compression, message authentication and integrity protection and encryption.
• SSL alert protocol provides error messages i.e. fatal alerts and warnings.
• SSL Change Cipher Spec Protocol is a single message which indicates end of SSL handshake protocol.
The figure above depicts processing of the application layer data by SSL record protocol. As shown there three major functions performed by the SSL record protocol viz. fragmentation, compression and message authentication and encryption.
Following are the descriptions of the header fields.
-the higher level protocol used to process the enclosed fragment
-possible types: •change_cipher_spec •alert •handshake •application_data
-SSL version, currently 3.0 • length
-length (in bytes) of the enclosed fragment or compressed fragment
-max value is 214 + 2048
Difference between SSL Versions-SSL V1, SSL V2, SSL V3, SSL V3.1
Following table mentions features of SSL versions e.g. SSL V1, SSL V2, SSL V3 and SSL V3.1.
|SSL V1||Developed by Netscape in 1994, never released this version|
|SSL V2||Integrated in netscape 1.1 in 1995 , got badly broken!|
|SSL V3||Redesigned from scratch by Netscape in 1996|
|SSL V3.1||Developed in 1996/1999, Defined in RFC2246 as TLS1.0|