Introducing TLS 1.3 – The future of Encryption
Download as PPTX, PDF1 like166 views
TLS 1.3 has been approved by the IETF after four years and 28 drafts, enhancing encryption by implementing faster and more robust security measures while denying the banking industry's request for a backdoor. The updated protocol streamlines the handshake process and eliminates vulnerable algorithms, allowing for quicker connections with improved security features like forward secrecy and ephemeral keys. Overall, TLS 1.3 sets the stage for broader application in various technologies, significantly enhancing online encryption standards.
![THIS WILL ONLY SPEED TLS 1.3 EVEN MORE.
Beyond a refined handshake and dropping support for all but the most recent ciphers, TLS 1.3 also
boasts something called 0 RTT resumption. This feature allows two parties to remember the details of
their last session and to resume it without needing to repeat the handshake. Kind of like calling that ex I
mentioned earlier for a quic- [Editor’s Note: CARL!]
This will only speed TLS 1.3 even more.
No word yet on TLS 1.4, though the IETF may want to get to work on it now now considering how long
this last one took.](https://image.slidesharecdn.com/introducingtls1-180510075533/85/Introducing-TLS-1-3-The-future-of-Encryption-8-320.jpg)
Introducing TLS 1.3 – The future of Encryption
- 1. INTRODUCING TLS 1.3 THE FUTURE OF ENCRYPTION – AND TOOK ONLY 28 DRAFTS
- 2. TLS 1.3 APPROVED BY IETF.ORG After four years and 28 different drafts, the Internet Engineering Task Force has finally approved TLS 1.3. And even then, TLS 1.3 was only approved at the most recent London meeting after a wave of last minute activity including an 11th hour pitch from the banking industry to insert a back door. That didn’t go over well, but eventually TLS 1.3 won unanimous approval (with one “no objection”) which sets the stage for it to be implemented in… well, everything. TLS 1.3 sees improvements that should seriously hamper any attempts to decrypt intercepted HTTPS connections and any other encrypted network packets. That’s not going to make the NSA or the Ruskies too happy, but that’s kind of the point.
- 3. TLS 1.3 – THE FASTER ENCRYPTION In addition to be even more robust, TLS 1.3 will also streamline the handshake process and allow for even faster encryption to take place. Unfortunately, the work on TLS 1.3 has been extremely slow. Google had problems last year when an IT administrator for the Maryland school system reported that about one-third of the 50,000 Chromebooks he had enabled TLS 1.3 on bricked. And then there was the aforementioned incident where the banking industry complained it wouldn’t be able to decrypt the traffic within its own networks.
- 4. TLS 1.3 HOLDS THE COMPLEX ENCRYPTION MECHANISM However, the same ability to decrypt data their own data can be used nefariously, much like just about everything in the banking industry, which makes trusting a banker one of the most dangerous things you can do in this life. I’m convinced that when Virgil finally leads me on my orientation to hell, the bankers will have their very own ring. Hopefully several. Anyway, back to getting back doored by bankers. The IETF said no. Which means the financial sector will have to do some extra work in order to inspect TLS 1.3 traffic. Everybody wins. Two of the biggest updates to TLS 1.3, and one of the biggest reasons that the banking industry had a cow, have to do with forward secrecy and ephemeral keys.
- 5. TLS 1.3 – THE PERFECT SSL HANDSHAKE As you may know, TLS creates an encrypted connection between a client and a server. This is done at the outset using what we call the “SSL handshake.” Unfortunately the previous iterations of the handshake were long and could take half a second. For what it’s worth a part of me just died typing that last sentence. We live in a world where people are inconvenienced by half a second. But, with TLS 1.2 the handshake took several roundtrips. The client would send something to the server, then the server would respond, then they would begin a series of hand claps and fist bumps. Eventually they agree on a session key that uses mutually supported algorithms and ciphers and voila! Encrypted communication.
- 6. TLS 1.3 HOLDS STREAMLINE HANDSHAKE TLS 1.3 asks the age old question, “who has that kind of time?” And streamlines the handshake into a single rountrip proposition that is less like a clubhouse secret handshake and more like the handshake exchanged by a couple at the end of a long and contentious divorce settlement. Just a perfect economy of emotion offering an ironic end to a process that was anything but.
- 7. TLS 1.3 – THE NEXT GENERATION ENCRYPTION TECHNOLOGY Anyway… In addition to that, TLS 1.3 also gets rid of a bunch of outmoded algorithms that have been found vulnerable. RC4 Steam Cipher RSA Key Transport SHA-1 Hash Function CBC Mode Ciphers MD5 Algorithm Various Diffie-Hellman groups EXPORT-strength ciphers DES 3DES
- 8. THIS WILL ONLY SPEED TLS 1.3 EVEN MORE. Beyond a refined handshake and dropping support for all but the most recent ciphers, TLS 1.3 also boasts something called 0 RTT resumption. This feature allows two parties to remember the details of their last session and to resume it without needing to repeat the handshake. Kind of like calling that ex I mentioned earlier for a quic- [Editor’s Note: CARL!] This will only speed TLS 1.3 even more. No word yet on TLS 1.4, though the IETF may want to get to work on it now now considering how long this last one took.
- 9. TALK TO SSL OR TLS EXPERTS AT RAPIDSSLONLINE.COM Official website; https://www.rapidsslonline.com/ SSL certificate blog; https://www.rapidsslonline.com/blog/ A complete research on TLS 1.3 – The future of Encryption Mechanism Talk to SSL or TLS Experts at Twitter | Facebook | Google+ | Medium | Dzone