The protocol consists of two layers: the TLS Record Protocol and the TLS Handshake Protocol.
Netgear (2005) further explains that the TLS Record Protocol is a layered protocol. Messages at each layer have different contents and may contain fields for length or for details about the message. The Record Protocol performs a series of functions: it takes the data to be transmitted to the other end, divides it into smaller blocks, compresses the data if needed, applies a MAC, encrypts the message and finally transmits the result. Data received at the target server is decrypted, verified as having come from the expected host, decompressed and finally passed on to the target host. The TLS Record Protocol has two main properties, which are discussed below:
The connection between the two communicating entities is private. Data is encrypted with symmetric cryptography. The connection is secure because the key for this symmetric cryptography is unique to every connection and is communicated between the two connecting applications by another protocol, the TLS Handshake Protocol. Where the confidentiality of the connection can be given up, the Record Protocol can also be used without encryption.
The second property is that the protocol provides a reliable connection. This is made possible by a message integrity check based on a keyed MAC. The security of the MAC is ensured by computing it with a secure hash function.
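The record processing described above (fragment, compress, MAC, encrypt, then the reverse on receipt) can be sketched as follows. This is an added example, not code from Netgear (2005) or from any TLS implementation: the function names, the key parameters and the record layout are assumptions, and an HMAC-SHA256 counter keystream stands in for the negotiated symmetric cipher because the Python standard library provides none.

```python
import hashlib
import hmac
import struct
import zlib

MAX_FRAGMENT = 2 ** 14  # a TLS record fragment carries at most 16384 bytes


def _keystream_xor(key, seq, data):
    # Stand-in for the negotiated symmetric cipher (NOT a real TLS cipher):
    # XOR with an HMAC-SHA256 counter keystream bound to the record number.
    stream, counter = bytearray(), 0
    while len(stream) < len(data):
        block = struct.pack(">QI", seq, counter)
        stream += hmac.new(key, block, hashlib.sha256).digest()
        counter += 1
    return bytes(a ^ b for a, b in zip(data, stream))


def protect(enc_key, mac_key, message, fragment_size=MAX_FRAGMENT):
    """Sender side: fragment -> compress -> MAC -> encrypt (one record each)."""
    records = []
    for seq, off in enumerate(range(0, len(message), fragment_size)):
        body = zlib.compress(message[off:off + fragment_size])
        # The MAC covers the implicit sequence number and the length as well
        # as the data, so reordered or replayed records fail verification.
        header = struct.pack(">QH", seq, len(body))
        tag = hmac.new(mac_key, header + body, hashlib.sha256).digest()
        records.append(_keystream_xor(enc_key, seq, body + tag))
    return records


def unprotect(enc_key, mac_key, records):
    """Receiver side: decrypt -> verify MAC -> decompress -> reassemble."""
    out = bytearray()
    for seq, record in enumerate(records):
        plain = _keystream_xor(enc_key, seq, record)
        body, tag = plain[:-32], plain[-32:]
        header = struct.pack(">QH", seq, len(body))
        expected = hmac.new(mac_key, header + body, hashlib.sha256).digest()
        # Constant-time comparison; reject before touching the decompressor.
        if not hmac.compare_digest(tag, expected):
            raise ValueError(f"bad record MAC at sequence {seq}")
        out += zlib.decompress(body)
    return bytes(out)
```

A record that is modified in transit or delivered out of order fails the MAC check in `unprotect` and is rejected before it is decompressed.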
The TLS Handshake Protocol gives the client and server a means to authenticate each other and to decide on an encryption algorithm. Cryptographic keys are also negotiated between the two applications before any data is transferred or received by either. The steps of the TLS Handshake Protocol are defined in the figure below.
The negotiation process of the encryption algorithm is also secure therefore