Transport Layer Security (TLS) is an encryption protocol used to transmit sensitive data over the internet. Many uses of the web involve sensitive or private data. Logging into an application requires you to send authentication credentials that must be known only to you.
Making an online payment is another sensitive transaction. If malicious actors such as hackers get hold of your card details, you could become a victim of financial fraud. Additionally many people use the internet for online messaging, which these days is often on a mobile device. Given all these sensitive applications, there needs to be a guarantee that data sent over the internet is known only to the sender and the intended recipient. TLS encryption provides that guarantee and it is a fundamental component of both our SMS and Voice products.
History of TLS
Transport Layer Security was first created in 1999, at which time it represented a leap forward in internet security. At the beginning of the web, most data was transmitted in an unencrypted fashion by default. The first form of online data encryption was Secure Socket Layers (SSL). Created in 1994, SSL encryption was initially used for a specialised applications where the security of sensitive information needed to be guaranteed. These included, online financial transactions and submitting authentication credentials such as passwords.
As the internet became more and more popular, there emerged two sources of pressure for data to be encrypted in a foolproof fashion. First, an increasing number of users were relying on the internet for sensitive data transactions. In addition to the traditional realms of online payment and user authentication, more and more people were using the internet through their phones for applications such as online messaging, social media posting, and even dating. Second, as the information revolution progressed, the methods used by hackers and bad actors became much more technically sophisticated. To stay one step ahead in the cybersecurity arms race, encryption technology needed to step on the gas.
The original SSL protocol was improved in three iterations through the 1990s. Modern TLS is developed from SSL 3.0 and represents the current standard of online encryption. The high proportion of sensitive transactions in the web means that data encryption is shifting towards being the rule rather than the exception. The extent of this was made clear when, in 2014, the IAB called on developers and operators to encrypt data by default. Nowadays, servers and browsers include TLS encryption as the default for online data transactions, so your connection is more likely encrypted than not, even if you don’t realise it.
TLS encryption methods
To ensure that sensitive data is secure from hackers, TLS uses a range of clever mathematical and computational encryption procedures. The core of TLS encryption is encryption keys. A key is a random string which is applied to unencrypted data to produce encrypted data. Once encrypted, the data can only be decrypted by another person with the key used to encrypt it. TLS implements keys using symmetric and asymmetric cryptography.
Symmetric cryptography is when a key is shared with both the sender and the recipient. This method is computationally efficient but requires trust between the sender and the recipient, which could make any information shared with this method less secure.
Asymmetric cryptography uses two keys: a public key and a private key. The public key is shared between both sender and recipient. The recipient decrypts the message using a mathematically related private key. Security is ensured by making it impractical to derive the private key from the public key. TLS uses asymmetric cryptography to generate a session key which is shared between sender and recipient. The session key is discarded when a session is finished.
Sinch Products with TLS
Sinch API platforms use the internet to facilitate mobile communications from SMS to voice calls. Customers value secure communication channels so TLS encryption is built into two of our products.
SMPP with Sinch enables customers to send SMS traffic securely and in bulk. It uses the Short Message Peer to Peer (SMPP) Protocol. This is an open, industry standard protocol enabling SMS data to be transmitted between our servers and our customers. TLS encryption ensures secure connectivity to SMPP servers.
SIP Trunking enables customers to make secure voice calls using our servers, Sinch uses SIP trunking. SIP refers to Session Initiation Protocol, the de facto way to make and end connections for VoIP data exchanges. TLS encryption is used to ensure voice data exchanged between Sinch servers and Sinch clients remains private.