TLS (Transport Layer Security)
What is TLS (Transport Layer Security)?
The IETF-standardized cryptographic protocol that provides confidentiality, integrity, and authentication for traffic between two networked applications.
TLS sits between an application protocol (HTTP, SMTP, IMAP, gRPC, etc.) and the transport (typically TCP, or UDP in the case of QUIC), turning a plain bidirectional stream into an authenticated, encrypted channel. Versions in active use are TLS 1.2 and TLS 1.3; the older SSL versions and TLS 1.0/1.1 are deprecated because of known weaknesses. A handshake authenticates the server (and optionally the client) via X.509 certificates, negotiates a cipher suite, and derives session keys, usually with ephemeral elliptic-curve Diffie–Hellman so that recorded traffic cannot be decrypted later if a long-term key leaks (forward secrecy). TLS underpins HTTPS, secure email, modern messaging, and many service-to-service architectures, and is the basis for mutual TLS in zero-trust designs.
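The handshake guarantees described above only hold if the client actually insists on them: certificate validation, hostname checking, and a protocol floor of TLS 1.2. The following Python script is an added example (it is not code from the page or from any TLS implementation) showing a hardened client configuration next to a weakened one, plus a small audit that reports which of those settings a given context has given up. The function names and the audit's finding labels are the example's own. `describe_connection` performs a real handshake and reports the negotiated version, cipher suite and peer certificate, so it needs network access; the audit functions run offline.

```python
import socket
import ssl


def hardened_client_context(cafile=None):
    """Client context that enforces the properties the TLS handshake is meant to provide.

    ssl.PROTOCOL_TLS_CLIENT already turns on verification and hostname checking;
    the floor and cipher list are set explicitly so the policy is visible in code
    and does not silently change with library defaults. (Example code, not from the page.)
    """
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    ctx.minimum_version = ssl.TLSVersion.TLSv1_2  # SSL 3.0 and TLS 1.0/1.1 are deprecated
    ctx.verify_mode = ssl.CERT_REQUIRED           # server must present a chain we can validate
    ctx.check_hostname = True                     # and the certificate must name the host we dialled
    # TLS 1.2 suites restricted to ECDHE key exchange with AEAD ciphers (forward secrecy).
    # TLS 1.3 suites are fixed by the protocol and are not affected by this string.
    ctx.set_ciphers("ECDHE+AESGCM:ECDHE+CHACHA20")
    if cafile:
        ctx.load_verify_locations(cafile=cafile)  # private CA, e.g. for mutual TLS inside a mesh
    else:
        ctx.load_default_certs()                  # system trust store for public servers
    return ctx


def weak_client_context():
    """Configuration that still 'works' but gives up the guarantees TLS exists for.

    Constructed here only so the audit below has something to flag.
    """
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    ctx.check_hostname = False       # must be cleared before verify_mode can be relaxed
    ctx.verify_mode = ssl.CERT_NONE  # accepts any certificate: no server authentication at all
    try:
        ctx.minimum_version = ssl.TLSVersion.TLSv1_1  # re-enables a deprecated version
    except ValueError:
        pass  # some OpenSSL builds refuse to lower the floor; the other two weaknesses remain
    return ctx


def audit_client_context(ctx):
    """Return the names of settings that weaken this context; [] means it passes."""
    findings = []
    if ctx.verify_mode != ssl.CERT_REQUIRED:
        findings.append("verify_mode")
    if not ctx.check_hostname:
        findings.append("check_hostname")
    # TLSVersion is an IntEnum, so MINIMUM_SUPPORTED (-2) also compares below TLSv1_2
    if ctx.minimum_version < ssl.TLSVersion.TLSv1_2:
        findings.append("minimum_version")
    return findings


def describe_connection(host, port=443, ctx=None):
    """Handshake with host and report what was negotiated (requires network access)."""
    ctx = ctx or hardened_client_context()
    with socket.create_connection((host, port), timeout=10) as raw:
        with ctx.wrap_socket(raw, server_hostname=host) as tls:
            cert = tls.getpeercert()  # validated chain, otherwise wrap_socket would have raised
            return {
                "version": tls.version(),            # e.g. "TLSv1.3"
                "cipher": tls.cipher()[0],           # negotiated suite name
                "subject": dict(rdn[0] for rdn in cert["subject"]),
                "not_after": cert["notAfter"],       # expiry, worth monitoring in operations
            }


if __name__ == "__main__":
    import sys

    print("weak context findings:    ", audit_client_context(weak_client_context()))
    print("hardened context findings:", audit_client_context(hardened_client_context()))
    if len(sys.argv) > 1:  # optional: python tls_check.py example.com
        print(describe_connection(sys.argv[1]))
```

Running the audit against both contexts prints the three findings for the weakened one and an empty list for the hardened one; passing a hostname on the command line additionally shows the negotiated version and cipher, which is a quick way to confirm that a server really offers TLS 1.3 or an ECDHE suite rather than merely "having a certificate".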
● Examples
- 01: An HTTPS connection between a browser and a web server protected by TLS 1.3 with AES-GCM and ECDHE.
- 02: Microservices authenticating each other via mutual TLS in a service mesh.
● Frequently asked questions
What is TLS (Transport Layer Security)?
The IETF-standardized cryptographic protocol that provides confidentiality, integrity, and authentication for traffic between two networked applications. It belongs to the Network Security category of cybersecurity.
What does TLS (Transport Layer Security) mean?
The IETF-standardized cryptographic protocol that provides confidentiality, integrity, and authentication for traffic between two networked applications.
How do you secure a TLS (Transport Layer Security) deployment?
Securing TLS (Transport Layer Security) combines technical controls and operational practices: allowing only TLS 1.2 and 1.3 (SSL and TLS 1.0/1.1 are deprecated), validating X.509 certificates on the server side and, for mutual TLS, on the client side as well, and preferring elliptic-curve Diffie–Hellman cipher suites for forward secrecy, as described in the full definition above.
What are other names for TLS (Transport Layer Security)?
Common alternative names include: Transport Layer Security.