Menu
Course/Security & Auth/TLS/SSL & Encryption

TLS/SSL & Encryption

TLS handshake, certificate management, encryption at rest vs in transit, key management services, and envelope encryption patterns.

12 min read

Encryption Fundamentals

Encryption is the transformation of plaintext into ciphertext using a cryptographic algorithm and a key. In distributed systems, you need encryption in two distinct scenarios: in transit (protecting data as it travels across networks) and at rest (protecting data stored on disk or in databases). A third scenario — encryption in use (homomorphic encryption) — is emerging but not yet practical for most production systems.

DimensionEncryption in TransitEncryption at Rest
Protocol/StandardTLS 1.2 / 1.3AES-256-GCM, ChaCha20-Poly1305
Protects againstNetwork eavesdropping, MITMDisk theft, unauthorized storage access
Key lifecycleEphemeral session keys (forward secrecy)Long-lived keys, rotated periodically
Managed byTLS certificates, CDN/LBKMS (AWS KMS, GCP KMS, HashiCorp Vault)
Performance impactLow with TLS 1.3 + hardware offloadLow with AES-NI CPU instructions

TLS 1.3 Handshake

TLS 1.3 (RFC 8446, 2018) is the current standard. It streamlined the handshake from 2 RTT to 1 RTT by combining the key exchange into the first message. It mandates forward secrecy (ephemeral Diffie-Hellman key exchange) so past sessions cannot be decrypted even if the server's private key is later compromised. It removed deprecated, weak cryptographic algorithms (RC4, MD5, SHA-1, DES, 3DES) entirely.

Loading diagram...
TLS 1.3 handshake completes in 1 RTT vs TLS 1.2's 2 RTT

Mutual TLS (mTLS)

Standard TLS authenticates only the server to the client. Mutual TLS (mTLS) adds client certificate authentication — both sides present certificates. This is the gold standard for service-to-service authentication in microservices. It eliminates the need for API keys or tokens between internal services. Service meshes like Istio, Linkerd, and Consul Connect can inject and rotate mTLS certificates transparently, without application code changes.

Encryption at Rest: Key Management

Encryption at rest is only as strong as your key management. Storing the encryption key next to the encrypted data (or hardcoding it in source code) provides essentially zero protection. The industry standard is to use a Key Management Service (KMS): AWS KMS, GCP Cloud KMS, Azure Key Vault, or HashiCorp Vault. These services store master keys in Hardware Security Modules (HSMs) — tamper-evident hardware devices where keys are generated and never exported in plaintext.

Envelope Encryption Pattern

Directly encrypting large datasets with KMS is impractical — KMS has size limits and API rate limits. The solution is envelope encryption: generate a random Data Encryption Key (DEK) for each piece of data, encrypt the data with the DEK, then encrypt the DEK with your Key Encryption Key (KEK) stored in KMS. Store the encrypted DEK alongside the ciphertext. To decrypt, call KMS to decrypt the DEK, then use the DEK to decrypt the data.

Loading diagram...
Envelope encryption: only the small DEK traverses the network to KMS, never the bulk data

Certificate Management

  • Let's Encrypt + ACME protocol: Free, automated certificate issuance and renewal. Supported by most reverse proxies (Nginx, Caddy, Traefik). Certificates expire every 90 days, encouraging automation.
  • AWS Certificate Manager (ACM): Managed TLS certificates for AWS resources (ALB, CloudFront). Automatically renews. Free for AWS-integrated resources.
  • Certificate Pinning: Clients only accept a specific certificate or public key, preventing MITM with rogue CA-signed certificates. Risky — difficult to rotate; causes outages if misconfigured.
  • HSTS (HTTP Strict Transport Security): Instructs browsers to always use HTTPS for your domain. Include `includeSubDomains` and `preload` directives. Submit to HSTS preload list for maximum protection.
⚠️

Don't Roll Your Own Crypto

Never implement cryptographic algorithms yourself. Use vetted libraries: libsodium (modern, opinionated, hard to misuse), OpenSSL (ubiquitous, but complex API), or Bouncy Castle (JVM). Cryptographic bugs are notoriously subtle — Heartbleed, POODLE, and BEAST were all implementation errors in production systems, not weaknesses in the underlying math.

💡

Interview Tip

When TLS comes up in interviews, mention TLS 1.3's 1-RTT handshake and its removal of weak ciphers. For internal services, recommend mTLS via a service mesh. For key management, mention envelope encryption with AWS KMS or HashiCorp Vault. This breadth shows you understand both the protocol level and operational realities.

Previous

API Gateway for Security

Next

DDoS Protection

📝

Knowledge Check

5 questions

Test your understanding of this lesson. Score 70% or higher to complete.

Ask about this lesson

Ask anything about TLS/SSL & Encryption