Upgrading TLS can mean better performance, less exposure to vulnerabilities, and better overall encryption. So why haven't more organizations upgraded?
In this blog, we compare TLS 1.2 and TLS 1.3, including a look at performance and security issues. First, let's start with a refresher on TLS.
TLS, or Transport Layer Security is a cryptographic protocol for communication security. Implemented with version 1.0, it was designed to replace the less secure and now defunct Secure Socket Layer (SSL).
Over the last few years, we’ve seen cipher suites whittled down to most organizations and users only allowing TLS 1.2 and nothing else. This is due to the other available ciphers being weak/compromised in their security.
Naturally, this narrowing puts all the pressure on one single suite. It was only a matter of time before an upgrade to TLS 1.2 was necessitated. Luckily, the developers for TLS were staying active and the release of TLS 1.3 brings a slew of new features and more robust security for all.
One of the biggest differences in performance is how TLS 1.3 uses only a single round trip to authenticate a session. Previously with 1.2 you needed two round trips to start a session but now you can establish the connection faster and with half the latency. Session resumption saw an overhaul as well. In the past, the client would send a session ID and the server would look it up in its cache. Once a match was found the security parameters were established.
In 1.3, the server instead sends the client a session ticket upon completing a handshake. This ticket acts like a database lookup key similar to the old session ID. This blob of data can be interpreted as a self-encrypted and self-authenticated value containing the data for the previous connection, thus allowing the server to be stateless. In other words, if the client has connected to the website prior, the TLS handshake makes 0 round trips.
When compared to TLS 1.2, the differences start with the algorithms used. Due to all the security issues of previous years, there were several algorithms that were considered unsafe and insecure to use, and those have all been removed in 1.3. A major feature is added encryption for all handshake messages after ServerHello.
TLS 1.2 used as many as 18 different cipher suites but 1.3 uses only 3. DHE-RSA, ECDHE-RSA and ECDHE-ECDSA are the 3 primary cipher suites used by 1.3. Because 1.3 has dropped so many older and vulnerable cipher suites, it is much more secure from being taken advantage of.
Some of the vulnerabilities that were removed that occurred in 1.2 include RSA key transport not providing forward secrecy, CBC mode ciphers which were responsible for the BEAST attack as well as the Lucky 13 attack, RC4 not being secure anymore for use in HTTPS, the Diffie-Hellman vulnerabilities found in CVE-2016-0701 as well as the FREAK vulnerabilities found in export ciphers and the LogJam attacks. Suffice to say, these were just a handful of examples among many other notorious vulnerabilities from the last decade.
By enabling the latest version of TLS, you ensure that your servers are using a lean, efficient, faster and more secure version of encryption that so many users and businesses depend upon around the clock.
The team at OpenLogic understands the difficulty of upgrading production systems. We strongly encourage all our users to begin implementing this vastly improved version of TLS to ensure their assets, property, user experience and data integrity all remain intact, and out of harm’s way.
Looking for guidance or assistance on enabling the latest version of TLS? Talk with one of our Enterprise Architects today to get started.
TALK TO AN EXPERT
Associate Enterprise Architect, OpenLogic by Perforce
Andrew's areas of specialization include networking, Linux, network security including OpenSSL, and operational troubleshooting. He has been working in the industry for over seven years and is acquiring new skills every day.