Transport Layer Security (TLS) protocols are responsible for keeping most of the internet secure by encrypting communications between client and server applications. This covers all sorts of communications, such as those between a web browser and an HTTPS-enabled website like Neowin, and helps prevent eavesdropping, tampering, and message forgery.
The last version of the TLS protocol to be approved was version 1.2 back in August 2008. But it was only four years ago that the work group responsible for the development of the protocol started working on version 1.3, which was finalized last week, according to an announcement from the Internet Engineering Task Force (IETF).
TLS version 1.3 brings the most comprehensive list of changes to the protocol since its creation, including new restrictions and removals while also enabling support for new security technologies such as new digital signature algorithms and key exchange protocols. For example, as per an IETF draft from January 2018:
- The list of supported symmetric algorithms has been pruned of all algorithms that are considered legacy. Those that remain all use Authenticated Encryption with Associated Data (AEAD) algorithms. The ciphersuite concept has been changed to separate the authentication and key exchange mechanisms from the record protection algorithm (including secret key length) and a hash to be used with the key derivation function and HMAC.
- A 0-RTT mode was added, saving a round-trip at connection setup for some application data, at the cost of certain security properties.
- Static RSA and Diffie-Hellman cipher suites have been removed; all public-key based key exchange mechanisms now provide forward secrecy.
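The AEAD-only and forward-secrecy changes listed above can be checked against a configured cipher list. The following Python code is an added example, not taken from the IETF draft or from this article; it parses IANA cipher suite names, and the function names and sample list are constructed for illustration. It assumes that only suites whose key exchange starts with DHE or ECDHE provide forward secrecy.

```python
# Added example: judge IANA cipher suite names by the TLS 1.3 criteria above.
AEAD_MARKERS = ("GCM", "CCM", "CHACHA20_POLY1305")
EPHEMERAL_KX = ("DHE", "ECDHE")  # assumption: only these count as forward secret

def classify(suite):
    """Split an IANA suite name into the parts the draft text talks about."""
    if not suite.startswith("TLS_"):
        raise ValueError(f"not an IANA TLS suite name: {suite!r}")
    body = suite[len("TLS_"):]
    if "_WITH_" in body:
        # Pre-1.3 naming: key exchange and authentication are part of the suite.
        kx_auth, record = body.split("_WITH_", 1)
        forward_secret = kx_auth.split("_")[0] in EPHEMERAL_KX
    else:
        # TLS 1.3 naming: only AEAD and hash; key exchange is negotiated
        # separately and is always ephemeral.
        kx_auth, record = None, body
        forward_secret = True
    return {
        "tls13_style": kx_auth is None,
        "kx_auth": kx_auth,
        "record": record,
        "aead": any(marker in record for marker in AEAD_MARKERS),
        "forward_secret": forward_secret,
    }

def legacy_findings(suite):
    """List which properties required by TLS 1.3 the suite lacks."""
    info = classify(suite)
    findings = []
    if not info["aead"]:
        findings.append("non-AEAD record protection")
    if not info["forward_secret"]:
        findings.append("no forward secrecy")
    return findings

# Constructed sample input: a cipher list mixing legacy and current suites.
SAMPLE_SUITES = [
    "TLS_RSA_WITH_AES_128_CBC_SHA",
    "TLS_DH_RSA_WITH_AES_128_CBC_SHA",
    "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256",
    "TLS_AES_128_GCM_SHA256",
    "TLS_CHACHA20_POLY1305_SHA256",
]

if __name__ == "__main__":
    for name in SAMPLE_SUITES:
        print(f"{name:40} {'; '.join(legacy_findings(name)) or 'ok'}")
```

An empty result means the suite has both properties; it does not by itself mean the suite is a TLS 1.3 suite, which is what the `tls13_style` field reports.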
But because of the major changes taking place, extensive upgrades in infrastructure may be required for some institutions, including banks, in order for TLS 1.3 to work, which sparked some serious debates about softening the new protocol. Particularly, the Financial Services Roundtable suggested the implementation of a way for banks to easily decrypt connections, so it would be possible for them to comply with regulations without the need to upgrade current hardware.
But of course, the proposed softening of TLS 1.3 was not accepted by security experts. As stated by Janet Jones, a senior security program manager at Microsoft, to CyberScoop:
“Can you imagine us supporting something that gave an API with a decrypt button? We can’t do that.”
Thankfully, the IETF work group responsible for designing the new protocol did not accept the financial sector's proposal and the TLS 1.3 protocol was approved on March 21 with all the intended changes.