While the majority of information we read today is geared towards cyberattacks and crimes, some security induced into the way we communicate and conduct our online banking would help a lot. The emails we send, the online purchases we make with our credit cards are all safe and secure as they are today thanks to the cryptographic protocols used in these websites and web servers. The objective of this article is to focus on one such protocol called Transport Layer Security Protocol (TLS). The Transport Layer Security protocol is a protocol that ensures secure communication between two parties communicating over the Internet. Communication is usually between a user (acting as a client) and a server. The protocol is built on a reliable transport layer protocol like TCP. TLS is made up of two parts and provides both authentication and privacy through the use of encryption algorithms in the same way that asymmetric key cryptography is used to achieve authentication between two peers and secure the hash. functions are used to make the connection more reliable. The TLS protocol is independent of the Application layer protocol, which is an advantage because higher-level protocols can be built transparently on top of TLS. The TLS Registration and Handshake Protocols The TLS Registration Protocol The TLS Registration Protocol is a layered protocol. Each layer of the protocol can include different types of fields. The protocol divides these messages into blocks and compresses the data. It then applies a MAC algorithm to the data and, after encrypting the resulting data, transmits it to the sender. On the receiving side, the process is reversed and the data is retrieved and sent to higher levels of the system. The...... middle of paper ...... entities descend to the least secure method they support. The protocol was designed to minimize this risk, but there are opportunities for attacks. Handshake Protocol Steps The TLS handshake protocol involves the following steps: - Exchange hello messages to agree on algorithms, exchange random values, and verify session resumption. Exchange necessary cryptographic parameters to allow the client and server to agree on a pre-master secret. - Exchange certificates and cryptographic information to allow the client and server to authenticate. - Generate a master secret from pre-master secret and exchanged random values. - Provide security parameters to the registration layer. - Allow the client and server to verify that their counterpart calculated the same security parameters and that the handshake occurred without tampering by an attacker..