Explain the TLS handshake process.

TLS 1.2 handshake: 1) ClientHello (supported cipher suites, random). 2) ServerHello (chosen cipher, random), Certificate, ServerKeyExchange. 3) Client verifies certificate, sends ClientKeyExchange (encrypted pre-master secret or DH parameter). 4) Both derive session keys from pre-master secret. 5) ChangeCipherSpec, Finished messages verify handshake. TLS 1.3 reduces to 1-RTT by sending key share in ClientHello. Results in symmetric encryption for data transfer.