Get your FREE copy of "The Ultimate Guide of SSL"

Download Ebook

The SSL/TLS Handshake – Know the Process

The SSL/TLS Handshake is a Process to Set Up a Secure Connection

Everything starts from somewhere, and the process of secured SSL/TLS connection is no different. Whenever any SSL connection takes place, first, it goes through a series of steps that take place between the client and the server for verifying each other before starting any communication through a secured SSL/TLS tunnel. And, that process of creating a secure tunnel for communication is known as the SSL/TLS Handshake.

What is SSL/TLS Handshake?

If you’re thinking what is SSL/TLS Handshake, then you’re not alone, and there’s a definite reason behind it. The handshake is whenever two parties – server and client face each other very first time. It requires a series of steps such as validation of identity to each other while generating a private key, also called a secret key.

In other words, the SSL handshake is nothing more than a conversation between client and server, whose goal is the same – to achieve secure connection using symmetric encryption.

However, keep reading and get answers to common questions such as information on

  • The Update of SSL/TLS Handshake,
  • How SSL/TLS Handshake Works,
  • The difference between the older and newer version of the TLS handshake?

Is TLS Handshake Updated?

Yes, it’s true, TLS Handshake has been updated. But, that’s also true that the entire TLS version has been updated to the latest one standing: TLS 1.3 (RFC 8446), which took a full decade and 28 drafts. Though there’s nothing wrong with TLS 1.2, it’s secure and still being used globally, but that’s also a truth that there’s a potential of being insecure. Although none of the potential insecurities has been exploited by any malicious actors, still there’s a potential.

Here’s How the SSL Handshake Works

Let’s see through step-by-step how SSL handshake works in both the versions: TLS 1.2 and TLS1.3. First, we’ll begin with TLS 1.2 handshake process, and then later, we’ll look into another one.

TLS 1.2 Handshake:

Similar to TLS 1.0 and 1.1, the TLS 1.2 handshake also involves multiple communications between server and client before finalizing a secure SSL connection. Let’s simplify it step-by-step.
Step 1: The SSL handshake connection initiates with the client sending the message “client hello” to the server along with relevant information like supported protocols and CipherSuites along with random value or string.

Step 2: And, once the server receives the message sent by the client “client hello,” the server responds back by sending the message “server hello.” And, this message also includes other supportive information like the CipherSuite chosen by the server from the client’s offered list. And, it also sends its certificate, session ID and a random value.

Step 3: Once the Client receives the certificate sent by the server, it does the verification, and then it sends back a string of random byte, also known as “pre-master secret” while encrypting it with the help of the public key of server’s certificate.

Step 4: And, after the server receives the pre-master secret, the server and the client both generate a master key with session keys, also called ephemeral keys. And these ephemeral keys are further used for symmetrically encrypting the data.

Step 5: A “Change Cipher Spec” message is sent to the server by the client for letting it know that it’ll switch to symmetric encryption through session keys while sending the “Client Finished” message.

Step 6: Now, the server responds to the client’s “Change Cipher Spec” message by doing the same thing, i.e., switching its security towards symmetric encryption. And the server ends the handshake by sending the “server finished” message.

Here you can see that it took two roundtrips among the client and the server for the completion of the handshake. On average, it takes around 0.25 to 0.5 seconds, but it can take more than that depending upon other factors.

Read: What is Public Key Encryption?

TLS 1.3 Handshake:

Here, TLS 1.3 handshake differs in its processing steps. It involves only one round-trip instead of three done in TLS 1.2. Hence, resulting in reduced latency. Let’s look through it:
Step 1: Like TLS1.2 handshake, the TLS 1.3 also starts by sending the “Client Hello” message, though it does have one change. Along with the message, the client also sends the list of supported cipher suites while guessing, which key agreement protocol server will select.

Step 2: And, in reply to the “Client Hello” message, the server responds with the chosen key agreement protocol while encompassing the server’s key share, certificate, and the “Server Finished” message.

Note: The message sent in the 6th step of TLS 1.2 handshake “Server Finished” is sent in the second step. Hence, TLS 1.3 saves one round trip and about four steps.
Step 3: The server certificate is verified by the client, and it generates keys due to the server’s key share while sending the “Client Finished” message. Finally, data encryption begins.

If you compare the TLS 1.3 with the TLS 1.2, you’ll see the definite difference of reduced round-trip, which also saves hundreds of milliseconds. Though you may think it doesn’t make any significant difference, in reality, it does, as the delay of even a half-second can lead to a decline in traffic.

TLS 1.2 vs. TLS 1.3 – Here’s the Difference

Looking at round trips, you may think there’s no significant difference, but that’s not true. Some of the significant difference you can see among the both TLS 1.3 and TLS 1.2 are like:

Removal of Vulnerable Algorithms & Ciphers in TLS 1.3:

In TLS 1.3, many ciphers and algorithms have been removed, which are practically as well as theoretically vulnerable. For example, RSA Key Exchange, RC4 Stream Cipher, CBC (Block) Mode Ciphers, SHA-1 Hash Function, Various non-ephemeral Diffie-Hellman groups, MD5 Algorithm, DES, 3DES, and EXPORT-strength ciphers.

Cipher Suites Made Simpler:

The size of the Cipher Suites has been reduced to half. In TLS 1.2, Cipher Suites included four ciphers. For example:
But, in TLS 1.3, cipher suites don’t include the key exchange as well as signature algorithms. It means the hashing algorithm and bulk cipher are only left. Below is the example:
Some other differences among TLS 1.2 and TLS 1.3 are:
  • Support for outdated ciphers and algorithms eliminated.
  • RSA key exchange got eliminated, and Perfect Key Forward Secrecy became mandatory.
  • Reduces the total number of handshakes.
  • AEAD bulk encryption is mandated while eliminating block mode ciphers.
  • Key derivation, as well as HKDF cryptographic extraction, is reduced.
  • Zero Round Trip Resumption and 1-RTT is offered.
  • Support for additional elliptic curves.


It’s for sure that TLS 1.3 is an improved version compared to that earlier one TLS 1.2, and it offers many improvements when it comes to security and even latency. Also, it’s official, and everyone can make use of it, as popular web browsers such as Google Chrome and Mozilla Firefox have started supporting it. However, the adoption of TLS 1.2 took around the decade, so the question remains whether the internet will make a move quickly.

Related Articles:

Disclosure: AboutSSL appreciates your continuous support. It helps us tremendously to keep moving in the competitive SSL industry. Here most of the links which direct you to buy any SSL/TLS related service or products earns us a certain percentage of referral commission. Learn More