9 Secure Transport

 

This chapter covers:

  • Transport security protocols, which are used to encrypt communications between machines.
  • The Transport Layer Security (TLS) protocol, the most widely used transport security protocol.
  • Other transport security protocols in use.

You now enter the second part of this book, which makes use of most of what you learned in the first part. Most, if not all, chapters in this part rely heavily on it. For this reason, if you have any doubt, go back to the basics.

The most widely used protocol to secure communications is SSL/TLS. This is what you use every day to browse the web! For this reason, most of this chapter is about SSL/TLS and how it works for the web. I will also lightly cover other secure transport protocols and how they differ from SSL/TLS.

This chapter is quite long, as there is a lot to say on the topic of securing communications. After all, cryptography was invented for this purpose.

Brace yourself!

9.1  What is SSL/TLS?

In order to understand why we came up with SSL/TLS as a secure transport protocol, let’s walk through the following scenario.

When you enter www.example.com in your web browser, your browser uses a number of protocols to connect to a web server and retrieve the page you requested (see figure 9.1).

9.2  How Does TLS Work?

9.2.1  The TLS Handshake

9.2.2  How TLS 1.3 Encrypts Application Data

9.3  The State of the Encrypted Web Today

9.4  Other Secure Transport Protocols

9.4.1  The Noise Protocol Framework: A Modern Alternative To TLS

9.4.2  WireGuard

9.5  Summary
