The TLS protocol is based on the SSL 3.0 protocol specification as published by Netscape. The differences between TLS 1.0 and SSL 3.0 are not dramatic, but they are significant enough that TLS 1.0 and SSL 3.0 do not interoperate (although TLS 1.0 does incorporate a mechanism by which a TLS implementation can back down to SSL 3.0).
Differences between SSL v3.0 and TLS v1.0:
When a block cipher algorithm is used, the length of the application data must be a multiple of the cipher’s block length. The data to be encrypted is therefore padded out to a suitable length.
In TLS, the padding can be any amount (up to 255 bytes) that results in a total length that is a multiple of the cipher’s block length.
For instance, if the data before encryption is 79 bytes long and the cipher’s block length is 8, then the padding length can be 1, 9, 17, and so on, up to 249.
In the earlier versions of SSL, the padding length had to be the minimum amount required so that the total size of the data would be a multiple of the cipher’s block length, so in the example above the padding length would have to be 1.
Using a variable padding length makes attacks based on analyzing the lengths of the exchanged messages more difficult.
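The padding rules above as an added Python example (not part of the original page): it lists the padding lengths each version allows and counts how many data lengths stay consistent with one observed padded length. The function names are illustrative, and the sketch assumes that data already on a block boundary receives one full block of padding.

```python
import secrets

MAX_PAD = 255  # upper bound on the padding length given in the text


def valid_pad_lengths(data_len, block_len):
    """TLS: every padding length that makes the total a block multiple."""
    # Assumption: already-aligned data still receives one full block of padding.
    minimum = block_len - (data_len % block_len)
    return list(range(minimum, MAX_PAD + 1, block_len))


def ssl3_pad_length(data_len, block_len):
    """SSL 3.0: only the minimum padding length is allowed."""
    return valid_pad_lengths(data_len, block_len)[0]


def tls_pad_length(data_len, block_len):
    """TLS: the sender may pick any valid length, here uniformly at random."""
    return secrets.choice(valid_pad_lengths(data_len, block_len))


def candidate_data_lengths(padded_len, block_len, minimal_only):
    """Data lengths an observer cannot rule out given only the padded length."""
    candidates = []
    for data_len in range(padded_len):
        pads = valid_pad_lengths(data_len, block_len)
        if minimal_only:
            pads = pads[:1]  # SSL 3.0 rule: minimum padding only
        if padded_len - data_len in pads:
            candidates.append(data_len)
    return candidates


if __name__ == "__main__":
    # The text's example: 79 bytes of data, block length 8.
    print(valid_pad_lengths(79, 8))
    print(ssl3_pad_length(79, 8))
    print(len(candidate_data_lengths(80, 8, minimal_only=True)))
    print(len(candidate_data_lengths(80, 8, minimal_only=False)))
```

With minimum padding, an 80-byte padded length narrows the data length to the 8 values from 72 to 79; with variable padding, every length from 0 to 79 remains possible.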
TLS supports all SSL v3.0 alert messages except the no_certificate message, and in addition has other new alert messages. TLS also supports all of the SSL v3.0 key-exchange and cipher algorithms, with the exception of the Fortezza key-exchange and symmetric encryption algorithm.
There is a minor difference between the versions in the MAC computation, but the level of security is about the same in both of them. There are also some small, insignificant differences in the certificate_verify and the finished messages, which we will not elaborate on here.
Since the IETF published it as an Internet standard, the TLS protocol has been universally accepted on the World Wide Web for authentication and encrypted communication between clients and servers.
Remark: This site is mainly about SSL version 3.0, which is very similar to SSL version 3.1.