Difference between TLS 1.2 vs TLS 1.3 and tutorial of TLS2 and TLS2 version comparison
Download as PPTX, PDF0 likes88 views
TLS 1.3 offers improvements over TLS 1.2 such as faster handshake times, simpler cipher suites, and stronger security. TLS 1.3 reduces the number of round trips needed for handshake from two to one, improving performance. It also removes support for vulnerable algorithms and features like renegotiation. While TLS 1.2 is still widely used, migration to TLS 1.3 is growing due to its benefits like reduced latency, improved website performance, and more secure connections. Businesses may need to support both versions during transition to secure communications with legacy systems.
Difference between TLS 1.2 vs TLS 1.3 and tutorial of TLS2 and TLS2 version comparison
- 1. TLS 1.2 vs TLS 1.3
- 2. What is TLS? Transport Layer Security (TLS) is a foundational technology for online privacy. As a cryptographic protocol, Transport Layer Security encrypts data and authenticates connections when moving data over the internet via HTTP—an extension of the protocol known as HTTPS (Hyper Text Transfer Protocol Secure). When a user visits a website, their browser checks for a TLS certificate on the site. If one is present, their browser performs a TLS handshake to check its validity and authenticate the server. Once a link has been established between the two servers, TLS encryption and SSL decryption enable secure data transport
- 3. SSL and TLS? Transport Layer Security (TLS), Secure Sockets Layer (SSL) is a cryptographic protocol that extends HTTP to authenticate internet connections and enable encryption and SSL decryption for data communication over a network. In fact, TLS is a direct evolution of SSL and introduced to address security vulnerabilities in the earlier protocol. The differences between the two are relatively minor, such as the stronger encryption algorithms and ability to work on different ports offered by TLS. The terms are used somewhat interchangeably, and the same certificates can be used with both TLS and SSL.
- 4. TLS 1.2 and TLS 1.3? TLS version 1.2 was released in 2008. It is currently the most widely implemented version of TLS. TLS 1.2 offers major improvements over the older version, TLS 1.1. A new version of TLS was launched in 2018 – the TLS 1.3 protocol. TLS 1.3 aims to solve all of the problems facing its older version – TLS 1.2. While TLS 1.2 was a good choice for a TLS protocol until recently, but now, TLS 1.3 offers a better solution with a refreshing approach, especially for security- related matters. In October 2018, Apple, Google, Microsoft & Mozilla (responsible for Chrome, Edge, IE, Firefox, and Safari
- 5. Issues with TLS 1.2 version The new TLS 1.2 vulnerability, like the old POODLE, allows the attacker to gain access to encrypted blocks of data – and then gain exposure to plain text information – using side channels. The procedure is this: if the victim visits, for example, a non-encrypted website, malicious JavaScript is injected into the victim’s browser. Once the browser is infected, a MITM attack is executed and the attacker can grab the victim’s cookies and credentials from a secure web session.
- 6. TLS 1.3 offers several improvements over earlier versions, most notably a faster TLS handshake and simpler, more secure cipher suites. Zero Round-Trip Time (0-RTT) key exchanges further streamline the TLS handshake. Together, these changes provide better performance and stronger security.
- 7. TLS 1.3 offers faster Handshake TLS encryption and SSL decryption require CPU time and add latency to network communications, somewhat degrading performance. Under TLS 1.2, the initial handshake was carried out in clear text, meaning that even it needed to be encrypted and decrypted. Given that a typical handshake involved 5 – 7 packets exchanged between the client and server, this added considerable overhead to the connection. Under version 1.3, server certificate encryption was adopted by default, making it possible for a TLS handshake to be performed with 0 – 3 packets, reducing or eliminating this overhead and allowing faster, more responsive connections.
- 8. TLS 1.3 offers Simple, Stringer cipher Suites In addition to reducing the number of packets to be exchanged during the TLS handshake, version 1.3 has also shrunk the size of the cipher suites used for encryption. In TLS 1.2 and earlier versions, the use of ciphers with cryptographic weaknesses had posed potential security vulnerabilities. TLS 1.3 includes support only for algorithms that currently have no known vulnerabilities, including any that do not support Perfect Forward Secrecy (PFS). The update has also removed the ability to perform “renegotiation,” in which a client and server that already have a TLS connection can negotiate new parameters and generate new keys, a function that can increase risk.
- 9. TLS 1.2 vs TLS 1.3 Handshake process
- 10. TLS 1.2 vs TLS 1.3 version TLS 1.2 handshake takes two round trips to complete the TLS handshake, which adds network overhead and latency to connections. Conversely, the TLS 1.3 handshake requires only one round trip from both sides. This reduces the total setup time by half and results in faster, highly-responsive HTTPS connections.
- 11. Why to use TLS 1.3 TLS 1.3 takes a significant step forward in enhancing security. It removes all primitive features that lead to weak configurations. TLS 1.3 prevents common SSL/TLS vulnerabilities such as DROWN, POODLE, SLOTH, CRIME, and more.
- 12. TLS 1.3 improved performance The performance improvement in TLS 1.3 is also brought about by “Zero Round Trip Time Resumption or (0-RTT)”, which means when a user tries to access a previously visited website, the connection is instantly resumed by exchanging the pre-shared keys from the previous session. As the entire handshake process is eliminated, the client can send data to the server on the very first message.
- 13. TLS 1.3 vs TLS 1.2 comparison The most important difference is that a TLS version 1.3 handshake takes less time than a TLS version 1.2 handshake. TLS 1.3 benefits include: •Reduction of round-trip processing, resulting in a faster handshake •Improvement of latency times by reducing the number of round trips •Improvement of website performance and user experience due to reduced •Use of perfect forward secrecy •Removal of vulnerable algorithms and ciphers
- 14. Summary While TLS version 1.2 is still used, migration to TLS version 1.3 is picking up steam due to the version’s simplicity, improved performance, data privacy and security. Properly implemented TLS 1.3 provides a faster connection which results in reduced latency. Reduced latency improves website performance and user experience. Simplifying cypher suites and removing insecure features and other vulnerabilities makes client-server connections even more secure. Considering that TLS 1.3 is not backwards compatible with TLS 1.2, businesses should consider supporting both versions for a certain period to secure data transactions with legacy systems and applications.
- 15. THANK YOU Like the Video and Subscribe the Channel