TLS False Start

A TLS false start is a feature of Transport Layer Security that reduces some of the latency required by the protocol‘s encryption and authentication processes. Transport Layer Security (TLS) superseded SSL (Secure Socket Layer) protocols, and both are intended to encrypt Internet sessions between two parties, a client and a server. The client, usually an individual Internet user, and the server, a website or network, must communicate to establish a connection to transfer data. TLS is a protocol that aims to secure that connection so that attackers cannot steal confidential information from the Internet session (such as a bank account login or credit card purchase).

The TLS handshake process creates a secure channel to establish an encryption key by:

  • Deciding which cipher to use
  • Choosing a TLS version that works for both
  • Authenticating the parties’ identities, perhaps by using a digital certificate authority

The TLS protocol causes higher latency because the handshake and encryption process takes longer than an unsecured Internet session protocol would. Choosing which cipher the client and server will use takes time, as does authentication. The term false start refers to beginning the transfer of data a little bit early when one of the parties has already completed the choice of cipher and authenticated their identity but has not received confirmation of the same from the other party. This reduces latency somewhat.

A TLS false start is intended to speed the significantly slowed TLS protocol. A client or server can begin to transmit data more quickly. A false start reduces the round trip time (RTT) of the TLS protocol from two to one.






Jenna Phipps
Jenna Phipps
Jenna Phipps is a writer for Webopedia.com, Enterprise Storage Forum, and CIO Insight. She covers data storage systems and data management, information technology security, and enterprise software solutions.

Related Articles

@ Sign

Pronounced at sign or simply as at, this symbol is used in e-mail addressing to separate the user' name from the user's domain name,...

Munging

(MUHN-jing) Munging (address munging), is the act of altering an email address posted on a Web page to make it unreadable to bots and...

How to Create an RSS Feed

In the second installment of RSS how-to, we look at some of the nonrequired (optional) channel and item tags, discuss RSS specifications in-depth and...

Dictionary Attack

(n.) (1) A method used to break security systems, specifically password-based security systems, in which the attacker systematically tests all possible passwords beginning with...

ScalaHosting

ScalaHosting is a leading managed hosting provider that offers secure, scalable, and affordable...

HRIS

Human resources information system (HRIS) solutions help businesses manage multiple facets of their...

Best Managed Service Providers...

In today's business world, managed services are more critical than ever. They can...