Unlike User Datagram Protocol (UDP)—another standard that applications use to exchange data—TCP is designed for accuracy, not speed. In data transport, data packets can sometimes arrive out of order or get lost. TCP numbers each packet to ensure that every piece reaches its destination and can be rearranged if needed. When packets don’t arrive within a specified timeframe, Transmission Control Protocol requests re-transmission of the lost data.
Throughout the entire exchange, TCP maintains the connection between the two applications, ensuring that both parties send and receive everything that needs to be transmitted and confirming that it's correct.
Transmission Control Protocol is the most popular standard for exchanging data over the Internet Protocol (IP), and it’s often referred to as TCP/IP. Since it helps facilitate the exchange of data over the Internet, TCP is part of what’s known as the “Transport Layer” of a network.
Here’s how it works and what it’s for.
How Transmission Control Protocol works
TCP serves as an intermediary between two applications that need to exchange data. When an application wants to transmit data, TCP ensures that:
- Data arrives in order
- Data has minimal errors
- Duplicate data gets discarded
- Lost or discarded packets get resent
It’s kind of like a courier for the Internet. Once TCP establishes the connection and defines the interaction, it boxes up the data, loads it onto separate trucks, and sends it to its destination via the IP highway.
“On the road,” traffic jams (network congestion), detours (traffic load balancing), and car accidents (network errors) can cause data to arrive out of order or prevent it from arriving on time.
As the data packets arrive, the recipient essentially signs for them with an acknowledgment: “I’ve received packet 4.” If the sender doesn’t receive this acknowledgement within a specified time, it resends the transmission. Once everything has arrived, TCP terminates the connection.
The entire process happens in three distinct phases.
The three phases of TCP operations
TCP operations involve numerous steps where the two endpoints use TCP to make requests, acknowledge each other, and confirm that the exchange is happening as intended. These steps fit into three main stages:
- Connection establishment
- Data transfer
- Connection termination
The phase names are self-explanatory, but there’s a lot more happening within each stage of the process.
During the connection establishment phase, TCP facilitates a “three-way handshake” where the applications request to synchronize and acknowledge each other. At this stage, TCP sets the parameters for the exchange and confirms that both entities (such as a server and a client) can participate in the exchange.
During the data transfer phase, TCP accepts the data being transferred, breaks it into ordered packets, adds a TCP header to provide context, and forwards it to the recipient using the Internet Protocol.
During the connection termination phase, the applications wait until they both acknowledge that the transmission is finished and error-free, and then TCP closes the connection between them.
TCP segments
When the Transmission Control Protocol receives a data stream, divides it up, and adds a TCP header to the transfer, the data stream becomes a “TCP segment.” The TCP header ensures that when the individual data packets arrive at their destination, they can easily be arranged in the correct order, and the recipient can clearly see if anything is missing.
In the connection establishment phase, applications can announce their Maximum Segment Size (MSS), which defines the largest TCP segment they will exchange. This represents the largest amount of data that will be transmitted in a single segment. If the MSS is too large, IP fragmentation will break the individual packets into smaller pieces, increasing the risk that some packets will get lost and that the applications will have to retransmit the data multiple times (this increases latency).
Congestion control
During the data transmission TCP ensures that packets are sent at a pace the network’s resources can handle. Initially, TCP only allows a few bytes to go through the network. This is known as the “Congestion Window” (CWND). When the recipient acknowledges the data arrived successfully, then TCP exponentially increases the Congestion Window and allows more data to go through.
After the CWND reaches a specified threshold, the increase becomes linear. If a packet gets lost, TCP significantly reduces the Congestion Window and transmits slowly again. Over time, TCP data throughput forms a sawtooth pattern, where the transmission rate increases and decreases sharply to control network congestion.
Error detection
Unlike UDP, TCP checks transmissions for errors. Using sequence numbers and a checksum, it determines whether transmissions arrive correctly. If one bit is inaccurate, the checksum will be incorrect. When that happens, TCP drops the incorrect segment.
What is TCP used for?
Transmission Control Protocol is a foundational component of everyday Internet usage. When you’re browsing the web and visit a webpage, the web server uses HyperText Transfer Protocol (HTTP) to send the file for the website to your device, and HTTP relies on TCP to connect the server to your computer and ensure that the file gets transferred correctly over IP. Other high-level protocols rely on TCP, too, including Simple Mail Transfer Protocol (SMTP) for sending and receiving email, File Transfer Protocol (FTP) for peer-to-peer file sharing, and MQTT (which is a key component of the Internet of Things and requires ordered, error-free packet streams).
Whenever accuracy is more important than transmission speed, networks are likely relying on TCP to maintain connections and make reliable data transfers. But since TCP uses three-way handshakes to establish connections, divides data streams into smaller packets, and requests retransmissions to guarantee accuracy, it increases the time it takes for data to transfer from one application to another.
This increased latency inhibits Internet usage like Voice Over Internet Protocol (VoIP), video streaming, and video gaming. In these instances, high-level protocols will rely on User Datagram Protocol, which is faster but less accurate.
TCP vulnerabilities
Transmission Control Protocol uses Internet Protocol addresses to establish connections between clients and servers. As a result, it has some inherent vulnerabilities that create cybersecurity challenges.
Denial of Service attacks
TCP consumes network resources to maintain connections. Malicious software can use IP spoofing and invalid data packets to spam requests, which the TCP tries to keep track of. As the volume of requests increases, TCP can consume too much of a server’s resources and cause it to crash.
Hackers will often use botnets (a massive army of IoT devices) to launch Denial of Service (DoS) attacks, which is one reason IoT manufacturers need to be proactive about IoT security threats.
Connection hijacking
If a connection between applications isn’t secure, a hacker can eavesdrop on the data transfer. Since TCP headings specify the size of each data packet and TCP segment, a hacker can create fake segments and packets of the same size and trick the recipient into accepting them. They’re “hijacking” the TCP connection to send their own data, which can be malicious. Coupled with other protocols and hacking strategies, TCP hijacking can even give someone complete control over the connection.
Get secure IoT connectivity with emnify
emnify is a communication platform dedicated to IoT. Not only can your devices connect through our global mobile network, but the platform also ensures the security of your device. With advanced IoT security features like private networks, network firewalls with IP whitelisting, and custom DNS, we prevent common TCP attacks and make malicious communication with your device impossible.
If you wish to know more about protocols and IoT check out our Comprehensive Guide to IoT Protocols.
