How Does TLS Handshake Work?

Understanding TLS handshake process and secure connection establishment

Table of Contents

  • How TLS Handshake Works
  • Handshake Steps
  • Certificate Exchange
  • Key Exchange
  • Handshake Completion

How Does TLS Handshake Work?

In a TLS handshake, the client sends a ClientHello message with its supported TLS versions and cipher suites; the server responds with a ServerHello message selecting the TLS version and cipher suite; the server sends its TLS certificate for authentication; the client verifies the certificate and sends an encrypted premaster secret; the client and server derive session keys from the premaster secret; both sides send Finished messages confirming handshake completion; and secure encrypted communication begins.

The TLS handshake establishes a secure connection by authenticating the server (via its certificate), exchanging encryption keys, agreeing on encryption algorithms, and establishing encrypted communication.

The TLS handshake is essential for HTTPS, secure email, and other TLS-encrypted services.

Handshake Steps

1. ClientHello

The client sends a ClientHello message containing: supported TLS versions, supported cipher suites, a random number, and a session ID (if resuming).

2. ServerHello

The server responds with a ServerHello message containing: the selected TLS version, the selected cipher suite, a random number, and a session ID.

3. Certificate Exchange

The server sends its TLS certificate (and certificate chain) so the client can verify the server's identity.

4. Key Exchange

The client encrypts the premaster secret using the server's public key and sends it to the server. Both sides derive session keys.

5. Finished Messages

Both client and server send Finished messages confirming handshake completion and verifying the keys.

6. Secure Communication

After handshake completes, secure encrypted communication begins using established session keys.
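
The first two steps above can be made concrete with a small parser. This is an added example, not code from the original page: it serializes and parses a minimal TLS 1.2-style ClientHello (no extensions) and applies a server-side selection rule. The function names, the sample bytes and the server preference list are assumptions made for illustration; the cipher suite numbers are the registered IANA values.

```python
# Added example: parse a TLS 1.2-style ClientHello and pick a cipher suite.
SERVER_PREFERENCE = [0xC02F, 0x009C]  # hypothetical server policy, preferred first

def build_client_hello(version, random, session_id, suites):
    """Serialize a minimal ClientHello handshake message (no extensions)."""
    body = version.to_bytes(2, "big") + random
    body += bytes([len(session_id)]) + session_id
    body += (2 * len(suites)).to_bytes(2, "big")
    body += b"".join(s.to_bytes(2, "big") for s in suites)
    body += b"\x01\x00"  # one compression method: null
    return b"\x01" + len(body).to_bytes(3, "big") + body  # type 1 = ClientHello

def parse_client_hello(msg):
    """Return the fields the page lists; raise ValueError on malformed input."""
    if len(msg) < 4 or msg[0] != 0x01:
        raise ValueError("not a ClientHello")
    body = msg[4:]
    if len(body) != int.from_bytes(msg[1:4], "big") or len(body) < 35:
        raise ValueError("length field does not match message")
    sid_len = body[34]
    pos = 35 + sid_len
    if sid_len > 32 or pos + 2 > len(body):
        raise ValueError("bad session ID length")
    cs_len = int.from_bytes(body[pos:pos + 2], "big")
    pos += 2
    if cs_len == 0 or cs_len % 2 or pos + cs_len > len(body):
        raise ValueError("bad cipher suite list")
    suites = [int.from_bytes(body[i:i + 2], "big") for i in range(pos, pos + cs_len, 2)]
    return {"version": int.from_bytes(body[:2], "big"), "random": body[2:34],
            "session_id": body[35:35 + sid_len], "cipher_suites": suites}

def server_select(hello, server_max_version=0x0303, preference=SERVER_PREFERENCE):
    """ServerHello choice: highest common version, first preferred suite offered."""
    version = min(hello["version"], server_max_version)
    for suite in preference:
        if suite in hello["cipher_suites"]:
            return version, suite
    return version, None  # no overlap: the server aborts the handshake

# Constructed sample input: fixed "random" and empty session ID (fresh handshake).
SAMPLE = build_client_hello(0x0303, bytes(range(32)), b"", [0x002F, 0x009C, 0xC02F])

if __name__ == "__main__":
    hello = parse_client_hello(SAMPLE)
    print(hex(hello["version"]), [hex(s) for s in hello["cipher_suites"]])
    print(server_select(hello))
```

The length checks matter in practice: every length field in a ClientHello is attacker-controlled, so a parser must reject a message whose inner lengths run past the outer one.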

Certificate Exchange

Server Certificate

The server sends a TLS certificate containing: the server's domain name, its public key, the certificate's validity period, and the CA's signature.

Certificate Chain

The server may send a certificate chain (server certificate → intermediate CA → root CA) for validation.

Certificate Verification

The client verifies the certificate by: checking the CA signature, validating the certificate chain, verifying the domain match, checking expiration, and verifying revocation status.

Verification Failure

If certificate verification fails, the TLS handshake fails and the connection is rejected.

Authentication

Successful certificate verification authenticates the server, ensuring the client is connecting to the legitimate server.

Key Exchange

Premaster Secret

The client generates a premaster secret (a random key) and encrypts it using the server's public key from the certificate.

Encrypted Transmission

The client sends the encrypted premaster secret to the server, which decrypts it using its private key.

Session Key Derivation

Both client and server derive session keys from the premaster secret using an agreed-upon key derivation function.

Key Security

Session keys are used for encrypting data during the TLS session, ensuring secure communication.

Perfect Forward Secrecy

Modern TLS (TLS 1.3) supports perfect forward secrecy, ensuring past communications remain secure even if long-term keys are later compromised.

Handshake Completion

Finished Messages

Both client and server send Finished messages encrypted with the session keys, confirming handshake completion and verifying the keys.

Handshake Verification

Finished messages verify that both sides have correct session keys and handshake completed successfully.

Secure Communication

After the handshake completes, secure encrypted communication begins using the established session keys and the agreed-upon cipher suite.

Handshake Duration

A TLS handshake typically completes in milliseconds, though it may take longer on slow networks or with complex certificate chains.

Handshake Failure

If the handshake fails (certificate validation fails, key exchange fails, etc.), the connection is rejected and secure communication cannot begin.

© 2026 TestMailScore. All rights reserved.