Adoption of Network Security Standards, TLS v1.3 to Bring a Safer Network Environment
Internet engineers recently approved a security framework that will make encrypted connections on the network faster and more resistant to snooping.
It’s called Transport Layer Security version 1.3 (TLS v1.3). It is not a major update but rather an iterative improvement that keeps the Web working in the presence of malicious actions or programs. The IETF is a team of engineers from all over the world who collaborated on this standard; it took more than four years and 28 drafts before TLS 1.3 was passed.
TLS 1.3 mainly supports four handshake modes:
- The “handshake” between client and server has been streamlined and encryption initiated earlier to minimize the amount of data transmitted in the clear.
- “Forward secrecy,” meaning hackers can’t skim decryption keys from one exchange and use them to decrypt others later.
- “Legacy” encryption algorithms have been removed as options, as these could occasionally be forced into use and their shortcomings leveraged to break the cipher on messages.
- A new “0-RTT,” or zero round-trip time, mode in which a server and client that have previously established some preliminaries can get right to sending data without introducing themselves to each other again.
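
The forward-secrecy and legacy-algorithm points in the list above can be checked on a local machine. The Python below is an added example, not code from the original article: it uses the standard `ssl` module to classify the cipher suites a context enables and to build a client context that refuses anything older than TLS 1.3. The function names (`classify`, `audit`, `tls13_only_client_context`, `negotiable`) are hypothetical, and the exact suite counts depend on the local OpenSSL build.

```python
import ssl

# OpenSSL key-exchange labels that mean ephemeral Diffie-Hellman (forward secrecy).
EPHEMERAL_KEA = {"kx-ecdhe", "kx-dhe"}

def classify(suite):
    """Classify one entry of SSLContext.get_ciphers()."""
    if suite["protocol"] == "TLSv1.3":
        # TLS 1.3 suites name only an AEAD and a hash; certificate-based
        # handshakes always use ephemeral (EC)DHE, static RSA is gone.
        return "tls13"
    if suite.get("aead") and suite.get("kea") in EPHEMERAL_KEA:
        return "modern"   # TLS 1.2 AEAD suite with forward secrecy
    return "legacy"       # non-AEAD (CBC, RC4) or no forward secrecy

def audit(ctx):
    """Group the cipher suite names enabled on a context by class."""
    report = {"tls13": [], "modern": [], "legacy": []}
    for suite in ctx.get_ciphers():
        report[classify(suite)].append(suite["name"])
    return report

def tls13_only_client_context():
    """Client context that refuses to negotiate anything below TLS 1.3."""
    ctx = ssl.create_default_context()   # keeps certificate and hostname checks on
    ctx.minimum_version = ssl.TLSVersion.TLSv1_3
    return ctx

def negotiable(ctx):
    """Suites still reachable once the context's version floor is applied."""
    report = audit(ctx)
    if ctx.minimum_version == ssl.TLSVersion.TLSv1_3:
        return report["tls13"]   # older suites stay listed but cannot be chosen
    return report["tls13"] + report["modern"] + report["legacy"]

if __name__ == "__main__":
    wide = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    wide.set_ciphers("ALL")   # every <= TLS 1.2 suite this OpenSSL build allows
    strict = tls13_only_client_context()
    for label, ctx in (("ALL ciphers", wide), ("TLS 1.3 only", strict)):
        counts = {k: len(v) for k, v in audit(ctx).items()}
        print(label, counts, "negotiable:", len(negotiable(ctx)))
```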
The entire standard is 155 pages long. If you want to read or learn more about one of the new features, you can read it here.
Source: TechCrunch