TLS Encryption

TLS sets up an encrypted connection via the TLS Handshake. It uses both symmetric and asymmetric key encryption.

Symmetric Key Encryption

Symmetric key encryption is a system where a key is shared between the two parties who wish to exchange message securely.

In this system, both parties agree on a secret key and keep a copy of it. The same key is used to encrypt and to decrypt a message.

To be secure, this system relies on the shared key being secret. In other words, none other than the participant shall have access to the shared key.

This make the first exchange of encryption keys a challenge: how do sender and receiver exchange the encryption keys securely in the first place?

This concern is one reason the asymmetric key encryption was created.

Asymmetric Key Encryption

Also known as public key encryption.

In this system, a pair of keys, public and private key is used to respectively encrypt and decrypt a message. Contrary to the symmetric key, one key cannot do both.

Message encrypted with the public key can only be decrypted with the private key. The public key is, as its name implies, public, and the private key shall be kept securely by the person or system who generated it.

One big difference with the symmetric system is that asymmetric encryption is a one way direction system: for two person to be able to communicate, both need a private key and the public key of the other party.

Cipher Suites

A cipher is a cryptographic algorithm: the sum of all steps necessary to perform encyption, decryption and other related tasks.

A cipher suite is a suite, meaning a set of ciphers.