Cryptographic protocols allow for the secure transfer of data using key pairings and encryption techniques. Transport Layer Security (TLS), and its predecessor Secure Sockets Layer (SSL), are cryptographic protocols that allow for secure communication over the internet; TLS is used for HTTPS web connections.
A TLS connection is formed when a client sends a request to a TLS-enabled server for a secure connection. The server then selects a cipher and hash function for use in the connection and sends back its digital certificate, which consists of a secure form of identification for the server as well as the server’s public encryption key. The client’s browser then confirms that the certificate is valid and encrypts a random number for the server to decrypt. Once the server has decrypted the random number, a secure connection is established using the key pairings selected by the server.
Recent attacks by hackers have exposed the certificates of several large servers, allowing the recipients of those certificates to impersonate another server and establish a “secure” connection with a client. This false-secure connection allows an impersonating server to send malicious software to a client that will consider the contents to be trusted software and data.