TLS Handshake: From Multiple Round Trips to One

The Transport Layer Security (TLS) protocol secures most communication across the web. Whether you are loading a website or web application, checking email, or transmitting sensitive data, the cryptographic mechanisms within TLS encrypt the session and authenticate the server (and, optionally, the client) at the other end.

The initial handshake establishes the keys and the identities that every later byte of the connection depends on. Over the years, TLS has evolved to make this handshake both faster and safer. In this article we compare the TLS 1.2 and TLS 1.3 handshake flows to see what the latest version improves.

TLS 1.2 Multi-Step Handshake

TLS 1.2 requires two full round trips between the client and the server before an encrypted session is ready. In a full handshake the client sends ClientHello; the server answers with ServerHello, its Certificate, a ServerKeyExchange (when an ephemeral Diffie-Hellman suite is negotiated) and ServerHelloDone; the client sends ClientKeyExchange, ChangeCipherSpec and Finished; and only when the server's own ChangeCipherSpec and Finished arrive can the client trust the session.

That is two full round trips, four flights of handshake messages, before the client can send its first encrypted HTTP request and receive a response. On top of the TCP handshake that precedes it, this adds substantial latency to the first request on every new connection.

TLS 1.3 - Streamlined for Speed

TLS 1.3 cuts the handshake latency to a single round trip.

The client now includes its key share (an ephemeral Diffie-Hellman public value for the group it expects the server to accept) together with its supported cipher suites in the ClientHello itself. The server answers in one flight: ServerHello with its own key share, followed, already under the handshake keys, by its Certificate, CertificateVerify (the signature proving possession of the certificate's private key) and Finished. The client sends Finished and can immediately send application data. The one caveat is the key-share guess: if the server does not accept the group the client chose, it replies with HelloRetryRequest and the handshake costs an extra round trip.

For subsequent connections, a client that holds a pre-shared key (PSK) from a session ticket the server issued earlier can resume in one round trip and may also send 0-RTT early data: encrypted application data in its very first flight, which the server can answer immediately. The caveat is that 0-RTT data is not replay-protected. An attacker who records that first flight can resend it, so servers should accept early data only for idempotent requests (HTTP servers can reject other early requests with the 425 Too Early status) and clients should keep state-changing operations out of it.
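To make the round-trip difference measurable rather than a matter of diagrams, here is an added example in Go (not code from the original article) that runs one full TLS 1.2 and one full TLS 1.3 handshake against a local crypto/tls server over loopback and counts how many times the client had to stop writing and wait for the server before Handshake() returned. The self-signed "localhost" certificate, the countingConn wrapper and the loopback server are assumptions made for this demo. Go's crypto/tls does not send 0-RTT early data over TCP, so the resumption case described above is not exercised here.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/tls"
	"crypto/x509"
	"fmt"
	"math/big"
	"net"
	"time"
)

// countingConn wraps the client's TCP socket. Every switch from writing to
// reading during Handshake() is a wait for the server: one network round trip.
type countingConn struct {
	net.Conn
	wrote bool
	RTTs  int
}

func (c *countingConn) Read(p []byte) (int, error) {
	if c.wrote {
		c.RTTs++
		c.wrote = false
	}
	return c.Conn.Read(p)
}

func (c *countingConn) Write(p []byte) (int, error) {
	c.wrote = true
	return c.Conn.Write(p)
}

func must(err error) {
	if err != nil {
		panic(err)
	}
}

// newServerConfig generates a throwaway self-signed certificate for
// "localhost" (constructed for this demo) and the pool the client trusts.
func newServerConfig() (*tls.Config, *x509.CertPool) {
	key, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	must(err)
	tmpl := &x509.Certificate{
		SerialNumber: big.NewInt(1), DNSNames: []string{"localhost"},
		IsCA: true, BasicConstraintsValid: true,
		NotBefore: time.Now().Add(-time.Hour), NotAfter: time.Now().Add(time.Hour),
	}
	der, err := x509.CreateCertificate(rand.Reader, tmpl, tmpl, &key.PublicKey, key)
	must(err)
	leaf, err := x509.ParseCertificate(der)
	must(err)
	pool := x509.NewCertPool()
	pool.AddCert(leaf)
	return &tls.Config{Certificates: []tls.Certificate{{Certificate: [][]byte{der}, PrivateKey: key}}}, pool
}

// handshake runs one full handshake over loopback and returns how many round
// trips the client waited for before Handshake() returned, plus the version.
func handshake(srvCfg, cliCfg *tls.Config) (int, uint16) {
	ln, err := net.Listen("tcp", "127.0.0.1:0")
	must(err)
	defer ln.Close()
	go func() { // server side: accept, complete the handshake, hang up
		raw, err := ln.Accept()
		must(err)
		conn := tls.Server(raw, srvCfg)
		must(conn.Handshake())
		conn.Close()
	}()
	raw, err := net.Dial("tcp", ln.Addr().String())
	must(err)
	cc := &countingConn{Conn: raw}
	conn := tls.Client(cc, cliCfg)
	defer conn.Close()
	must(conn.Handshake())
	return cc.RTTs, conn.ConnectionState().Version
}

// RunDemo does one full handshake with the client capped at TLS 1.2, then one
// at TLS 1.3, and returns the round-trip counts and versions in that order.
func RunDemo() (rtts [2]int, versions [2]uint16) {
	srvCfg, pool := newServerConfig()
	for i, max := range []uint16{tls.VersionTLS12, tls.VersionTLS13} {
		rtts[i], versions[i] = handshake(srvCfg, &tls.Config{
			RootCAs: pool, ServerName: "localhost", MaxVersion: max,
			// One key share the server certainly accepts, so no HelloRetryRequest.
			CurvePreferences: []tls.CurveID{tls.X25519},
		})
	}
	return rtts, versions
}

func main() {
	fmt.Println(RunDemo()) // [2 1] [771 772]: 2 round trips at TLS 1.2, 1 at TLS 1.3
}
```

The TLS 1.2 client blocks twice (after ClientHello, and again after its own Finished while it waits for the server's Finished), the TLS 1.3 client once. Pinning CurvePreferences to X25519 is what keeps the TLS 1.3 case at one round trip: if the client's single key share does not match the group the server selects, the HelloRetryRequest shows up here as a second wait.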

Advantages of the Lean TLS 1.3 Handshake

Faster Connection Setup - Dropping a full round trip shortens the time to the first byte on every new connection.

Improved Latency - Key for modern applications that need responsive, real-time user experiences, especially on high-latency mobile or satellite links where every round trip is expensive.

Enhanced Security - TLS 1.3 removes RSA key transport, static Diffie-Hellman, CBC-mode and RC4 ciphers, SHA-1, compression and renegotiation. Every handshake uses ephemeral (EC)DHE, so all sessions have forward secrecy; only AEAD cipher suites remain; and the server's certificate is sent encrypted rather than in the clear.

Backward compatibility - A TLS 1.3 endpoint still negotiates TLS 1.2 with peers that do not support the newer version, so older infrastructure stays reachable, and a TLS 1.3 server that is pushed down to 1.2 marks the ServerHello random so that the client can detect a forced downgrade.

Despite these advantages, TLS 1.3 adoption is still in progress. As more software and infrastructure migrates, encrypted web transactions will become both safer and faster across the board.

Conclusion:

From 1.2 to 1.3, the TLS handshake has been cut from two round trips to one, with fewer and simpler messages and no obsolete cryptography left to negotiate. For any modern application, enabling TLS 1.3 is strongly recommended for the improved latency and user experience, and for security that will age far better than 1.2.