Why does TLS require TCP? Also TCP vs TLS - What's the difference?

Asked by AashnaSaito in SQL Server, on Nov 29, 2021

I have an oral network security exam coming up, and know that in past exams, the professor asked about why TLS requires TCP. I know that there is DTLS, but it wasn't part of the lecture. So the question is about what advantage TLS gains by requiring its underlying protocol to be TCP, I guess. I already heard some wild guesses but no convincing arguments. At the beginning of the RFC, it says: "At the lowest level, layered on top of some reliable transport protocol (e.g., TCP [TCP]), is the TLS Record Protocol." Seemingly everywhere else (according to my judgment), the RFC doesn't only require "some reliable transport protocol" but TCP in particular.



Answered by Amit Sinha

TLS requires a reliable transport. On the internet, this leaves only TCP, as UDP does not offer reliability. This is so because (in compliance with the layered architecture of the ISO/OSI reference model) UDP does not handle transport errors, lost packets, or other disturbances that may occur with IP. TLS is designed to offer a secure channel on top of a reliable transport, and it does this quite well. DTLS does (I assume) the necessary error handling within the protocol. If TLS were to be performed over UDP, connections and handshakes could fail just because a packet got lost in transit and no one noticed. Minimization of such problems is (according to the ISO/OSI reference model) the designated task of a reliable transport. Any reliable transport works theoretically, yet for all practical purposes of IP networks, this usually implies TCP.

Also, TCP vs TLS - What's the difference?

TCP, Transport Control Protocol, is a fundamental part of the internet, used by every computer on the net and responsible for the vast majority of the traffic over the internet. It is responsible for converting the "best efforts" data transmission of the underlying IP (Internet Protocol) packet routing system into a highly reliable transport which can be depended on by both ends of a transaction to deliver data uncorrupted and in order. TLS (Transport Layer Security), on the other hand, is a security layer which sits on top of a transport layer such as TCP and allows secure communication over an insecure network. TLS encrypts data before it reaches TCP (or other transports), and decrypts it after being handed over by the transport at the other end. It also handles the necessary key exchange.
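As an added illustration (it is not part of the answer above, and not code from any TLS implementation) of why a record layer that counts records implicitly needs a reliable, in-order transport: the Python below models a TLS 1.2-style record layer (64-bit sequence number kept implicitly by both ends, fatal on an authentication failure) beside a DTLS-style one (sequence number carried in the record header, plus an anti-replay window), and runs both over a simulated transport that drops, reorders or duplicates a record. The key, the sample payloads and the HMAC-SHA256 integrity tag are constructed stand-ins for a real cipher suite; encryption is left out because only the sequencing behaviour is being shown.

```python
import hashlib
import hmac
import struct

# Constructed, shared key for the example only; a real TLS session derives
# separate per-direction keys during the handshake.
KEY = b"example-session-key-not-a-real-tls-key"
MAC_LEN = 32                                 # HMAC-SHA256 tag length
CONTENT_TYPE_APPDATA = 23                    # TLS "application_data"
MESSAGES = [b"hello", b"world", b"again"]    # constructed sample payloads


def _mac(key, seq, header, payload):
    # Tag over seq_num || record header || payload, the MAC input layout of
    # RFC 5246 section 6.2.3.1. Secrecy is omitted: the point is the counter.
    return hmac.new(key, struct.pack("!Q", seq) + header + payload, hashlib.sha256).digest()


class TlsStyleSender:
    """The sequence number never goes on the wire; both ends simply count
    records, which only works if every record arrives once and in order."""

    def __init__(self, key):
        self.key, self.seq = key, 0

    def protect(self, payload):
        header = struct.pack("!BHH", CONTENT_TYPE_APPDATA, 0x0303, len(payload) + MAC_LEN)
        record = header + payload + _mac(self.key, self.seq, header, payload)
        self.seq += 1
        return record


class TlsStyleReceiver:
    fatal = True   # bad_record_mac is a fatal alert: the connection is torn down

    def __init__(self, key):
        self.key, self.seq = key, 0

    def unprotect(self, record):
        header, body = record[:5], record[5:]
        payload, tag = body[:-MAC_LEN], body[-MAC_LEN:]
        if not hmac.compare_digest(tag, _mac(self.key, self.seq, header, payload)):
            raise ValueError("bad_record_mac (receiver expected implicit seq %d)" % self.seq)
        self.seq += 1
        return payload


class DtlsStyleSender:
    """The sequence number is explicit in the header (RFC 6347 uses a 16-bit
    epoch plus 48-bit sequence; one 64-bit field is used here for brevity)."""

    def __init__(self, key):
        self.key, self.seq = key, 0

    def protect(self, payload):
        header = struct.pack("!BHQH", CONTENT_TYPE_APPDATA, 0xFEFD, self.seq, len(payload) + MAC_LEN)
        record = header + payload + _mac(self.key, self.seq, header, payload)
        self.seq += 1
        return record


class DtlsStyleReceiver:
    fatal = False  # a bad or stale record is dropped; the session continues

    def __init__(self, key, window=64):
        self.key, self.window = key, window
        self.highest, self.seen = -1, set()

    def unprotect(self, record):
        header, body = record[:13], record[13:]
        _, _, seq, _ = struct.unpack("!BHQH", header)
        payload, tag = body[:-MAC_LEN], body[-MAC_LEN:]
        # Anti-replay window: refuse duplicates and records older than the window.
        if seq in self.seen or seq <= self.highest - self.window:
            raise ValueError("replayed or stale record (explicit seq %d)" % seq)
        if not hmac.compare_digest(tag, _mac(self.key, seq, header, payload)):
            raise ValueError("bad_record_mac (explicit seq %d)" % seq)
        self.seen.add(seq)
        self.highest = max(self.highest, seq)
        return payload


def deliver(sender_cls, receiver_cls, messages, lost=(), reorder=False, duplicate=False):
    """Simulate a transport with the given faults; return
    (payloads the receiver accepted, error strings it raised)."""
    sender, receiver = sender_cls(KEY), receiver_cls(KEY)
    records = [sender.protect(m) for m in messages]
    wire = [rec for i, rec in enumerate(records) if i not in lost]
    if reorder:
        wire.reverse()
    if duplicate and wire:
        wire.append(wire[0])
    accepted, errors = [], []
    for rec in wire:
        try:
            accepted.append(receiver.unprotect(rec))
        except ValueError as exc:
            errors.append(str(exc))
            if receiver.fatal:
                break
    return accepted, errors


if __name__ == "__main__":
    for name, s, r in (("TLS ", TlsStyleSender, TlsStyleReceiver),
                       ("DTLS", DtlsStyleSender, DtlsStyleReceiver)):
        print(name, "in order:  ", deliver(s, r, MESSAGES))
        print(name, "lost #2:   ", deliver(s, r, MESSAGES, lost={1}))
        print(name, "reordered: ", deliver(s, r, MESSAGES, reorder=True))
        print(name, "duplicated:", deliver(s, r, MESSAGES, duplicate=True))
```

Run it and the TLS-style side shows the failure mode the answer describes: losing or reordering a single record makes every later record fail authentication, because the receiver's implicit counter no longer matches the one the sender used, and the connection aborts. TLS 1.3 behaves the same way for the same reason (the sequence number feeds the AEAD nonce instead of an HMAC input). The DTLS-style side recovers from loss and reordering because the counter is in the header, at the cost of an explicit replay window, which is exactly the machinery TLS can omit when TCP guarantees in-order, exactly-once delivery underneath it.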
