The TLS 1.3 Handshake
Communication using TLS 1.3 begins the TLS handshake. This is an initial negotiation between the client and server that establishes the parameters of their subsequent interactions within TLS. It consists of three phases: key exchange, server parameters, and authentication:
- Key Exchange: This phase establishes shared keying material, such as which named group the shared key can belong to (Elliptic Curve Groups (ECDHE) or Finite Field Groups (DHE)), and selects cryptographic parameters, such as symmetric cipher options.
- Server Parameters: This phase establishes other handshake parameters such as whether certificate-based client authentication is desired.
- Authentication: This phase authenticates the server (and optionally the client) and provides key confirmation and handshake integrity.