I have been slowly learning various Kubernetes topics, just coz it has become such a fundamental thing in this cloud world.
One of the topics that I came across was about how TLS encryption is used in Kubernetes to secure communication between clients and servers.
I've never tried to understand how encryption itself works & how data security is guaranteed while it is transferred back and forth between a client service and a server service.
I came across a few articles that helped me to understand these TLS concepts to an extent.
So what did I learn? Quick summary.
- TLS uses two types of encryption: symmetric encryption and asymmetric encryption.
- Symmetric encryption means that you use the same key to encrypt and decrypt your data both on the server side and the client side. And if you're not careful, you might end up exposing your key to hackers. You know, they are always trying to get you.
- In asymmetric encryption, you have a public/private key pair. Only the public key is shared with your clients. Clients encrypt their data using your public key before it is transferred to the server. On the server side, the data is decrypted using the private key that you safely maintain somewhere.
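
To make the difference concrete, here is an added example (not taken from the articles or from any TLS library) that runs both models on the same constructed message. It assumes toy constructions chosen only so it runs with the Python standard library: a SHA-256 keystream for the symmetric side and unpadded textbook RSA over two small Mersenne primes for the asymmetric side, neither of which is what a real TLS stack uses.

```python
import hashlib
import secrets

def symmetric_xor(key: bytes, nonce: bytes, data: bytes) -> bytes:
    """Toy stream cipher: the same call, with the same key, encrypts and decrypts."""
    out = bytearray()
    for i in range(0, len(data), 32):
        pad = hashlib.sha256(key + nonce + (i // 32).to_bytes(8, "big")).digest()
        out.extend(b ^ p for b, p in zip(data[i:i + 32], pad))
    return bytes(out)

# Textbook RSA key pair built from two known Mersenne primes (teaching size only).
P, Q, E = 2**127 - 1, 2**89 - 1, 65537
N = P * Q
D = pow(E, -1, (P - 1) * (Q - 1))   # private exponent, stays on the server
PUBLIC_KEY = (N, E)                  # the only part handed to clients
PRIVATE_KEY = (N, D)

def rsa_encrypt(key: tuple, message: bytes) -> int:
    n, exp = key
    m = int.from_bytes(message, "big")
    if m >= n:
        raise ValueError("message too long for this toy modulus")
    return pow(m, exp, n)

def rsa_decrypt(key: tuple, ciphertext: int) -> bytes:
    n, exp = key
    size = (n.bit_length() + 7) // 8
    return pow(ciphertext, exp, n).to_bytes(size, "big").lstrip(b"\x00")

def demo() -> dict:
    message = b"client request"          # constructed sample data
    shared_key, nonce = secrets.token_bytes(32), secrets.token_bytes(12)
    sym_ct = symmetric_xor(shared_key, nonce, message)
    rsa_ct = rsa_encrypt(PUBLIC_KEY, message)
    return {
        # Symmetric: whoever holds the shared key can read the data.
        "symmetric_roundtrip": symmetric_xor(shared_key, nonce, sym_ct) == message,
        "symmetric_wrong_key": symmetric_xor(secrets.token_bytes(32), nonce, sym_ct) == message,
        # Asymmetric: the public key encrypts, only the private key decrypts.
        "rsa_private_decrypts": rsa_decrypt(PRIVATE_KEY, rsa_ct) == message,
        "rsa_public_decrypts": rsa_decrypt(PUBLIC_KEY, rsa_ct) == message,
    }

if __name__ == "__main__":
    for name, ok in demo().items():
        print(f"{name}: {ok}")
```

The last result is the point of the public/private split: a client (or anyone else) holding only the public key cannot turn the ciphertext back into the message.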
I used the following articles to understand more about symmetric and asymmetric encryption.