We’ll use the TCP/IP model for this example because TCP/IP is the de facto standard used on the internet today.
- Application Layer: You enter a URL (say, https://www.example.com) into your web browser. Your web browser (the client) prepares an HTTPS request. HTTPS is HTTP running over SSL/TLS, which encrypts the data for secure transmission.
- Transport Layer: This request is then passed down to the transport layer, which uses TCP to manage the end-to-end connection. Before any data exchange, a TCP three-way handshake is initiated to establish the connection:
  - SYN: Your device (the client) sends a SYN (synchronise) packet to the server with a random initial sequence number.
  - SYN-ACK: The server acknowledges this and sends back a SYN-ACK (synchronise-acknowledge) packet, which contains an acknowledgment number (the received sequence number incremented by one) and its own random sequence number.
  - ACK: Your device (the client) sends an ACK (acknowledge) packet back to the server with a new acknowledgment number (the server’s sequence number incremented by one).
- Secure Sockets Layer (SSL)/Transport Layer Security (TLS) Handshake: Now that the TCP connection is established, an SSL/TLS handshake occurs to securely agree on encryption keys before the actual application data (the HTTPS request) is sent:
  - The client sends a “ClientHello” message with its SSL/TLS version, list of supported cipher suites, and a random string of bytes (Client Random).
  - The server responds with a “ServerHello” message, deciding on the parameters of the encryption. It also sends its own random string of bytes (Server Random) and its digital certificate.
  - The client verifies the server’s certificate against its trusted Certificate Authority (CA) roots, then creates a pre-master secret, encrypts it with the server’s public key (taken from the server’s digital certificate), and sends it to the server in a “ClientKeyExchange” message. (This is the RSA key exchange of TLS 1.2 and earlier; TLS 1.3 dropped it in favour of ephemeral Diffie-Hellman, so the pre-master secret is never sent over the wire.)
  - Both the client and the server derive the same master secret, and from it the same session keys, from the pre-master secret and the two random values.
- Internet Layer: Once the SSL/TLS handshake is completed and both the client and server have agreed on the encryption keys, the HTTPS request is encrypted and sent as TCP segments. These segments are then packaged into IP packets by the Internet layer, adding source and destination IP addresses.
- Network Interface Layer: These IP packets are then encapsulated into frames by the Network Interface layer and transmitted over your physical network connection (Ethernet or Wi-Fi, for example) to your router.
- The server receives this request, and the process is reversed to unpack the HTTPS request. It’s decrypted using the previously agreed session keys and processed by the server’s application layer. The server responds by sending back the requested webpage (also encrypted with the agreed session keys).
- The response travels back through the same layers in reverse order at the server’s end, over the internet, and then through the layers in the original order on your computer. Once the response has passed up through the transport layer, it’s decrypted with the session keys in the SSL/TLS layer, and the webpage content is finally rendered by your web browser.
This process illustrates how the TCP/IP model, in combination with the HTTPS protocol and TCP’s three-way handshake, enables secure and reliable internet communication.
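The sequence/acknowledgement arithmetic of the three-way handshake and the “both sides compute the same keys” step of the TLS handshake, as an added example that is not part of the original text. It models each side’s check on the TCP handshake and derives the TLS 1.2 master secret with the PRF from RFC 5246 (HMAC-SHA256); the handshake values are constructed locally rather than captured from a real connection.

```python
import hmac, hashlib, secrets

MOD = 2**32  # TCP sequence numbers wrap at 32 bits

# --- TCP three-way handshake, one function per step/side ---
def client_syn(client_isn):
    return {"flags": "SYN", "seq": client_isn}

def server_syn_ack(syn, server_isn):
    # Server acknowledges client ISN + 1 and offers its own random ISN.
    return {"flags": "SYN-ACK", "seq": server_isn, "ack": (syn["seq"] + 1) % MOD}

def client_ack(syn_ack, client_isn):
    # Client accepts the SYN-ACK only if it acknowledges exactly ISN + 1.
    if syn_ack["ack"] != (client_isn + 1) % MOD:
        raise ValueError("SYN-ACK acknowledges the wrong sequence number")
    return {"flags": "ACK", "seq": syn_ack["ack"], "ack": (syn_ack["seq"] + 1) % MOD}

def server_established(ack, server_isn):
    # Server moves to ESTABLISHED only if its ISN + 1 is acknowledged.
    return ack["ack"] == (server_isn + 1) % MOD

# --- TLS 1.2 PRF (RFC 5246 section 5): P_SHA256(secret, label + seed) ---
def prf(secret, label, seed, length):
    seed = label + seed
    out, a = b"", seed
    while len(out) < length:
        a = hmac.new(secret, a, hashlib.sha256).digest()           # A(i)
        out += hmac.new(secret, a + seed, hashlib.sha256).digest()  # HMAC(A(i) + seed)
    return out[:length]

def master_secret(pre_master, client_random, server_random):
    # master_secret = PRF(pre_master_secret, "master secret",
    #                     ClientHello.random + ServerHello.random)[0..47]
    return prf(pre_master, b"master secret", client_random + server_random, 48)

def demo():
    client_isn, server_isn = secrets.randbelow(MOD), secrets.randbelow(MOD)
    syn = client_syn(client_isn)
    ack = client_ack(server_syn_ack(syn, server_isn), client_isn)
    tcp_ok = server_established(ack, server_isn)
    # Constructed sample values standing in for the Hello/KeyExchange messages.
    client_random, server_random = secrets.token_bytes(32), secrets.token_bytes(32)
    pre_master = b"\x03\x03" + secrets.token_bytes(46)  # RSA pre-master: version + 46 random bytes
    same_keys = master_secret(pre_master, client_random, server_random) == \
                master_secret(pre_master, client_random, server_random)
    return tcp_ok and same_keys

if __name__ == "__main__":
    print("TCP handshake complete and session secrets match:", demo())
```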