This document explains how TLS (Transport Layer Security) provides encryption for HTTPS communication, including a detailed table of the handshake steps and the role of the pre-master secret.

Transport Layer Security (TLS) is a cryptographic protocol that secures communication over a network. It is widely used in HTTPS to protect the confidentiality and integrity of data between a web client and server. TLS uses both:

• Asymmetric encryption: for secure key exchange

• Symmetric encryption: for encrypting actual data transferred after the handshake

TLS handshake is the process that establishes a secure connection between a client and a server. Below is a detailed step-by-step breakdown of how it works:

After this process, the TLS connection is established and symmetric encryption is used to securely exchange data.

The pre-master secret is a randomly generated value created by the client and encrypted using the server's public key. Only the server can decrypt it, ensuring confidentiality.

Once the server decrypts the pre-master secret, both the client and server use it, along with the two random numbers (R1 and R2), to derive the master secret. This master secret is then used to generate the symmetric session keys that will encrypt and decrypt the data during the session.

master_secret = PRF(pre_master_secret, "master secret", R1 + R2)

Where PRF is a pseudo-random function defined by the TLS specification.