TLS and Encryption

Transport Layer Security (TLS) encrypts communication between two endpoints, providing confidentiality, integrity, and authentication. It sits between the transport layer (TCP) and the application layer (HTTP, SMTP, etc.). HTTPS is just HTTP over TLS.

Why It Matters

Every secure connection on the internet — HTTPS, email, database connections, API calls — uses TLS. Understanding TLS explains why certificate errors happen, how HTTPS is negotiated, what “end-to-end encryption” means (and doesn’t), and how to debug connection issues with openssl s_client.

Symmetric vs Asymmetric Cryptography

Aspect       | Symmetric                        | Asymmetric
Keys         | Same key encrypts + decrypts     | Public key encrypts, private key decrypts
Speed        | Fast (AES: hardware-accelerated) | Slow (RSA: 100-1000x slower)
Key exchange | Requires pre-shared key          | Public key can be shared openly
Use in TLS   | Bulk data encryption             | Key exchange + authentication
Example      | AES-256-GCM, ChaCha20            | RSA, ECDSA, Ed25519, X25519

TLS uses both: asymmetric crypto to securely exchange a shared secret, then symmetric crypto for fast bulk encryption.

TLS 1.3 Handshake

Client                                        Server
  │                                              │
  │── ClientHello ─────────────────────────────→│
  │   (supported ciphers, key share,            │
  │    supported groups)                         │
  │                                              │
  │←───────────────────────── ServerHello ──────│
  │   (chosen cipher, server key share)          │
  │                                              │
  │   [from here, everything is encrypted]       │
  │                                              │
  │←── {Certificate} ─────────────────────────  │
  │←── {CertificateVerify} ───────────────────  │  (proves server has private key)
  │←── {Finished} ────────────────────────────  │
  │                                              │
  │── {Finished} ────────────────────────────→  │
  │                                              │
  │←──────── Application Data ────────────────→ │

The TLS 1.3 handshake completes in 1 RTT (TLS 1.2 needed 2 RTTs). TLS 1.3 also supports 0-RTT for resumed connections (at the risk of replay attacks).

Certificate Chain of Trust

Root CA (pre-installed in OS/browser trust store)
  │ signs
  └→ Intermediate CA
       │ signs
       └→ Server Certificate (example.com)
            contains: domain name, public key, validity dates, issuer

Client verifies: signature chain valid? Certificate not expired? Domain matches? Certificate not revoked (CRL/OCSP)?

Let’s Encrypt provides free certificates via the ACME protocol. Most TLS issues are certificate problems — wrong domain, expired, incomplete chain.

AEAD Ciphers

TLS 1.3 uses only AEAD (Authenticated Encryption with Associated Data) ciphers — encryption + integrity in one operation:

Cipher            | Speed                          | Notes
AES-256-GCM       | Very fast with AES-NI hardware | Default for most servers
ChaCha20-Poly1305 | Fast without hardware AES      | Better on mobile/ARM without AES-NI

No more CBC mode, RC4, or MD5 — TLS 1.3 removed all legacy weak ciphers.

Perfect Forward Secrecy (PFS)

If the server’s private key is compromised, can past traffic be decrypted?

  • Without PFS (RSA key exchange): yes — private key decrypts all past session keys
  • With PFS (ECDHE key exchange): no — each session uses an ephemeral key pair that’s discarded

TLS 1.3 mandates PFS — only ephemeral key exchanges (ECDHE) are allowed.
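
An added example (not from the original page): a name-based audit of a cipher list for the two properties covered in the AEAD Ciphers and Perfect Forward Secrecy sections. The function names and the sample cipher string are constructed for illustration, and classifying by suite name is a heuristic assumption.

```python
# Added example: flag cipher suites that are not AEAD or lack forward secrecy.
# Accepts OpenSSL names (ECDHE-RSA-AES128-GCM-SHA256) and IANA names
# (TLS_ECDHE_RSA_WITH_...). Classification is by name only (heuristic).

AEAD_MARKERS = ("GCM", "CCM", "CHACHA20")   # AEAD constructions
EPHEMERAL_KX = ("ECDHE-", "DHE-")           # ephemeral key exchange prefixes
LEGACY = ("RC4", "MD5")                     # legacy primitives named on this page

# Constructed sample, colon-separated like an OpenSSL cipher string.
SAMPLE = (
    "TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256:"
    "ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-SHA384:"
    "AES256-GCM-SHA384:AES128-SHA:RC4-MD5"
)


def classify(suite: str) -> list:
    """Return a list of problems for one suite name (empty list = acceptable)."""
    name = suite.strip().upper().replace("_", "-")
    # TLS 1.3 suites are named TLS_<cipher>_<hash> with no key exchange part;
    # IANA names for older versions contain "_WITH_".
    tls13 = name.startswith("TLS-") and "-WITH-" not in name
    kx = name[4:] if name.startswith("TLS-") else name
    problems = []
    # Older CBC suites often do not say "CBC" in OpenSSL naming (AES128-SHA),
    # so the absence of an AEAD marker is the signal.
    if not any(marker in name for marker in AEAD_MARKERS):
        problems.append("not AEAD")
    # TLS 1.3 only allows ephemeral exchanges; before that, look for the prefix.
    if not (tls13 or kx.startswith(EPHEMERAL_KX)):
        problems.append("no forward secrecy")
    problems += [f"legacy primitive {p}" for p in LEGACY if p in name]
    return problems


def audit(cipher_string: str) -> dict:
    """Map each problematic suite in a colon-separated list to its problems."""
    findings = {}
    for suite in filter(None, cipher_string.split(":")):
        problems = classify(suite)
        if problems:
            findings[suite] = problems
    return findings


if __name__ == "__main__":
    for suite, problems in audit(SAMPLE).items():
        print(f"{suite}: {', '.join(problems)}")
```
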

Debugging TLS

# Connect and show TLS details
openssl s_client -connect example.com:443
# Shows: certificate chain, cipher suite, TLS version, expiry dates

# Check certificate expiry
echo | openssl s_client -connect example.com:443 2>/dev/null | \
  openssl x509 -noout -dates

# Test specific TLS version
openssl s_client -connect example.com:443 -tls1_3

# Show all certificate details
# (echo closes stdin so s_client exits instead of waiting for input)
echo | openssl s_client -connect example.com:443 2>/dev/null | \
  openssl x509 -noout -text

# Show the TLS handshake in curl output
curl -v https://example.com 2>&1 | grep -E "SSL|TLS|subject|issuer"

mTLS (Mutual TLS)

Standard TLS: only the server presents a certificate. mTLS: the client also presents a certificate, authenticating both sides.

Used for: service-to-service communication (service mesh), API authentication, zero-trust networks.