TLS 1.3 improves over previous versions of the TLS (SSL) protocol in several essential ways.
What is the difference between TLS 1.3 and TLS 1.2?
TLS 1.3 is the latest version of the TLS protocol. TLS, which is used by HTTPS and other network protocols for encryption, is the modern version of SSL. TLS 1.3 dropped support for older, less secure cryptographic features and sped up TLS handshakes, among other improvements.
The Internet Engineering Task Force (IETF) published TLS 1.3 in August 2018 for context. TLS 1.2, the version it replaced, was standardized a decade previous, in 2008.
What are the advantages of using the latest TLS version?
In a nutshell, TLS 1.3 is faster and more secure than TLS 1.2. One of the changes that make TLS 1.3 faster is an update to the way a TLS handshake works: TLS handshakes in TLS 1.3 only require one round trip (or back-and-forth communication) instead of two, shortening the process by a few milliseconds. And in cases when the client has connected to a website before, the TLS handshake will have zero round trips. This makes HTTPS connections faster, reducing latency and improving the user experience.
Many of the significant vulnerabilities in TLS 1.2 had to do with older cryptographic algorithms that were still supported. TLS 1.3 drops support for these vulnerable cryptographic algorithms, and as a result, it is less vulnerable to cyber attacks.
Why are there different TLS versions?
Updates are a natural part of software development. Computer systems are so complex that it is inevitable that they’ll need repairs or improvements to be more efficient or more secure. Any software is going to have vulnerabilities – flaws that an attacker can exploit.
In the case of TLS, parts of the protocol carried over from its early days in the 1990s resulted in several high-profile vulnerabilities persisting in TLS 1.2. Additionally, those who work on developing the protocol continually identify inefficiencies that can be eliminated.
How do new versions of TLS get developed?
The IETF is responsible for developing TLS, codifying feedback and ideas via a document known as a “Request For Comments,” or an RFC. Most protocols on the Internet are defined via RFCs. All RFCs are numbered; TLS 1.3 is defined by RFC 8446.
Once a new version of a protocol is released, it’s up to browsers and operating systems to build support for those protocols. All operating systems and browsers should want better performance and security, so they are incentivized to do so. However, it can still take some time for support for updated protocols to be widespread, mainly because private businesses and consumers may be slow to adopt the latest versions of browsers, applications, and operating systems.
What is a vulnerability?
A software vulnerability is a flaw in the design of a computer program that an attacker can take advantage of to perform a malicious activity or gain illicit access. Vulnerabilities are inevitable in computer systems, just as it is practically impossible to build a bank impregnable to highly determined bank robbers.
The security community documents and catalogs vulnerabilities as they are discovered and described. Known vulnerabilities are assigned a number, like CVE-2016-0701. (The first number is the year when it was discovered.)
What are some critical SSL and TLS vulnerabilities?
Several outdated cryptography features resulted in vulnerabilities or enabled specific cyber attacks. Here is a non-exhaustive list of TLS 1.2 cryptography weaknesses and their associated vulnerabilities or attacks.
- RSA key transport: Doesn’t provide forward secrecy
- CBC mode ciphers: BEAST and Lucky 13 attacks
- RC4 stream cipher: Not secure for use in HTTPS
- Arbitrary Diffie-Hellman groups: CVE-2016-0701
- Export ciphers: FREAK and LogJam attacks
Many TLS 1.2 features have been removed in addition to those listed above. The idea is to make it impossible for someone to enable the vulnerable aspects of TLS 1.2. This is somewhat like when the government made manufacturing new cars without seatbelts illegal: The regulations aimed for seatbelt-less cars to be phased out so that everyone would be safer. For a while, drivers could still choose to use older car models and be less safe, but eventually, those more dangerous cars disappeared from the roads.