This page (revision-1) was last changed on 29-Nov-2024 16:16 by UnknownAuthor
!!! Overview[1][2][3]
[{$pagename}] is [Transport Layer Security] ([TLS]) version 1.3 ([TLSv1.3]), defined in [RFC 8446].
[{$pagename}] is a __major overhaul__ of the protocol and has two main advantages over previous versions:
* Enhanced security
* Improved speed
[{$pagename}] supersedes and [Obsoletes] previous versions of [TLS], including
* __[Obsoletes]__ [TLS 1.2] [RFC 5246]
* __[obsoletes]__ [Transport Layer Security (TLS) Session Resumption without Server-Side State] (TLS Ticket) mechanism defined in [RFC 5077] and replaces it with the mechanism defined in [RFC 8446] Section 2.2.
* __updates__ [RFC 5705] as described in [RFC 8446] Section 7.5 because of changes to the way [keys are derived|Key Derivation Function]
* __changes__ how [Online Certificate Status Protocol] ([OCSP]) messages are carried and therefore updates [RFC 6066] and obsoletes [RFC 6961] as described in [RFC 8446] Section 4.4.2.1.
[{$pagename}] embraces the "less is more" philosophy, removing support for older, broken forms of [cryptography]. That means you can't turn on the potentially vulnerable features, even if you try. The list of __[TLS 1.2] features that have been removed is extensive__, and most of the exiled features have been associated with high-profile [attacks].[2]
!! [{$pagename}] Supports 5 [Cipher Suites]
[TLS 1.3 Cipher Suites]
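What these suites look like on the wire: the following is an added example, not code from the original page or from any TLS implementation. It builds a TLS 1.3 ClientHello ([RFC 8446] Section 4.1.2) that offers the five suites together with the supported groups and PSK key-exchange modes of the next section, parses the message back, and flags what a 1.3-only server would reject. The Random value, the x25519 public key and the signature-algorithm list are constructed placeholders, and the check list is this example's own reading of the RFC, not a complete validator.

```python
import os
import struct
from typing import Dict, List, Optional

# Added example, not code from the original page: build a TLS 1.3 ClientHello
# (RFC 8446 Section 4.1.2), parse it back, and check the invariants the page lists.
TLS13_CIPHER_SUITES = {0x1301: "TLS_AES_128_GCM_SHA256", 0x1302: "TLS_AES_256_GCM_SHA384",
                       0x1303: "TLS_CHACHA20_POLY1305_SHA256", 0x1304: "TLS_AES_128_CCM_SHA256",
                       0x1305: "TLS_AES_128_CCM_8_SHA256"}
# The ten RFC 8446 groups: five ECDHE curves and five RFC 7919 finite-field groups.
ECDHE_GROUPS = {0x0017: "secp256r1", 0x0018: "secp384r1", 0x0019: "secp521r1", 0x001D: "x25519", 0x001E: "x448"}
FFDHE_GROUPS = {0x0100: "ffdhe2048", 0x0101: "ffdhe3072", 0x0102: "ffdhe4096", 0x0103: "ffdhe6144", 0x0104: "ffdhe8192"}
EXT_SUPPORTED_GROUPS, EXT_SIG_ALGS, EXT_SUPPORTED_VERSIONS, EXT_PSK_MODES, EXT_KEY_SHARE = 10, 13, 43, 45, 51
PSK_KE, PSK_DHE_KE = 0, 1   # psk_key_exchange_modes: PSK alone, or PSK combined with (EC)DHE
TLS13 = 0x0304


def vec(data: bytes, size: int) -> bytes:
    """TLS variable-length vector: a big-endian length of `size` bytes, then the data."""
    return len(data).to_bytes(size, "big") + data


def u16_list(values) -> bytes:
    return b"".join(struct.pack("!H", v) for v in values)


def build_client_hello(suites, groups, shares: Dict[int, bytes], psk_modes,
                       random: Optional[bytes] = None, compression: bytes = b"\x00") -> bytes:
    """Handshake message: type client_hello(1), 3-byte length, ClientHello body. `shares` maps group -> public key."""
    exts = struct.pack("!H", EXT_SUPPORTED_VERSIONS) + vec(vec(u16_list([TLS13]), 1), 2)
    exts += struct.pack("!H", EXT_SUPPORTED_GROUPS) + vec(vec(u16_list(groups), 2), 2)
    # ecdsa_secp256r1_sha256, rsa_pss_rsae_sha256 (PSS, not PKCS#1 v1.5), ed25519, ed448
    exts += struct.pack("!H", EXT_SIG_ALGS) + vec(vec(u16_list([0x0403, 0x0804, 0x0807, 0x0808]), 2), 2)
    exts += struct.pack("!H", EXT_PSK_MODES) + vec(vec(bytes(psk_modes), 1), 2)
    entries = b"".join(struct.pack("!H", g) + vec(pub, 2) for g, pub in shares.items())
    exts += struct.pack("!H", EXT_KEY_SHARE) + vec(vec(entries, 2), 2)
    body = (b"\x03\x03"                      # legacy_version is frozen at 0x0303; the real version is in supported_versions
            + (random or os.urandom(32))     # Random: 32 bytes, the gmt_unix_time field is gone
            + vec(b"", 1)                    # legacy_session_id (empty; middlebox-compat mode would fill it)
            + vec(u16_list(suites), 2)
            + vec(compression, 1)            # legacy_compression_methods: TLS 1.3 allows only null (0x00)
            + vec(exts, 2))
    return b"\x01" + vec(body, 3)


def parse_client_hello(msg: bytes) -> dict:
    """Decode the fields a TLS 1.3 server cares about from a client_hello handshake message."""
    if msg[0] != 1:
        raise ValueError("not a client_hello")
    body = msg[4:4 + int.from_bytes(msg[1:4], "big")]
    pos = 0

    def take(n: int) -> bytes:
        nonlocal pos
        chunk = body[pos:pos + n]
        pos += n
        return chunk

    def take_vec(size: int) -> bytes:
        return take(int.from_bytes(take(size), "big"))

    def u16s(blob: bytes) -> List[int]:
        return [int.from_bytes(blob[i:i + 2], "big") for i in range(0, len(blob), 2)]

    out = {"legacy_version": int.from_bytes(take(2), "big"), "random": take(32), "session_id": take_vec(1),
           "cipher_suites": u16s(take_vec(2)), "compression": list(take_vec(1)),
           "supported_versions": [], "supported_groups": [], "key_shares": {}, "psk_modes": []}
    ext_blob = take_vec(2)
    i = 0
    while i < len(ext_blob):
        etype, elen = struct.unpack("!HH", ext_blob[i:i + 4])
        data = ext_blob[i + 4:i + 4 + elen]
        i += 4 + elen
        if etype == EXT_SUPPORTED_VERSIONS:
            out["supported_versions"] = u16s(data[1:1 + data[0]])
        elif etype == EXT_SUPPORTED_GROUPS:
            out["supported_groups"] = u16s(data[2:2 + int.from_bytes(data[:2], "big")])
        elif etype == EXT_PSK_MODES:
            out["psk_modes"] = list(data[1:1 + data[0]])
        elif etype == EXT_KEY_SHARE:
            j, end = 2, 2 + int.from_bytes(data[:2], "big")
            while j < end:
                group, klen = struct.unpack("!HH", data[j:j + 4])
                out["key_shares"][group] = data[j + 4:j + 4 + klen]
                j += 4 + klen
    return out


def check_tls13(hello: dict) -> List[str]:
    """Violations of the RFC 8446 ClientHello rules; an empty list means a 1.3-only server can proceed."""
    problems = []
    if hello["legacy_version"] != 0x0303:
        problems.append("legacy_version must be 0x0303 (version negotiation moved to supported_versions)")
    if TLS13 not in hello["supported_versions"]:
        problems.append("supported_versions does not offer 0x0304: a 1.3-only server must refuse")
    if hello["compression"] != [0]:
        problems.append("legacy_compression_methods must be exactly [0]; TLS compression was removed")
    if not any(s in TLS13_CIPHER_SUITES for s in hello["cipher_suites"]):
        problems.append("none of the five TLS 1.3 cipher suites offered")
    for group in hello["key_shares"]:
        if group not in hello["supported_groups"]:
            problems.append(f"key_share for group {group:#06x} not listed in supported_groups")
        elif group not in ECDHE_GROUPS and group not in FFDHE_GROUPS:
            problems.append(f"group {group:#06x} is not one of the ten RFC 8446 groups (custom DHE groups are gone)")
    return problems


if __name__ == "__main__":
    # Constructed inputs: a fixed Random and a placeholder 32-byte x25519 public key.
    msg = build_client_hello([0x1301, 0x1303], [0x001D, 0x0017], {0x001D: b"\x11" * 32}, [PSK_DHE_KE], random=bytes(32))
    hello = parse_client_hello(msg)
    print(len(msg), "bytes;", [TLS13_CIPHER_SUITES[s] for s in hello["cipher_suites"]], check_tls13(hello))
```

Any TLS 1.2-era cipher suite values the client also lists are simply ignored by a TLS 1.3 server, which is why the check only requires that at least one of the five 1.3 suites is present; offering a key share for a group that is not in supported_groups, or a non-null compression method, is an outright protocol error.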
!! [{$pagename}] [Key-Exchange] [algorithms]
* [DHE] & [ECDHE]
** Only 5 [ECDHE] curve groups supported
** Only 5 [DHE] finite field groups supported
* [Pre-Shared Key] ([PSK]) alone (psk_ke), used for session resumption and for externally provisioned keys
* [ECDHE_PSK]: [PSK] combined with (EC)DHE (psk_dhe_ke), which gives resumed sessions forward secrecy
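The key-exchange inputs above (an (EC)DHE shared secret, a PSK, or both) are turned into traffic keys by the [HKDF]-based key schedule of [RFC 8446] Section 7.1. The following is an added example, not code from the original page or from any TLS library, that implements HKDF-Extract, HKDF-Expand-Label and Derive-Secret with SHA-256 using only the standard library and walks the schedule from the Early Secret to the application traffic secrets. The PSK, the (EC)DHE secret and the transcript bytes passed in are constructed stand-ins for real handshake messages.

```python
import hashlib
import hmac
import struct
from typing import Dict, Optional, Tuple

# Added example (not the page's code): the TLS 1.3 key schedule of RFC 8446
# Section 7.1 built from HKDF (RFC 5869) with nothing but hashlib and hmac.
# SHA-256 is the hash of TLS_AES_128_GCM_SHA256 and TLS_CHACHA20_POLY1305_SHA256.
HASH = hashlib.sha256
HASH_LEN = HASH().digest_size


def hkdf_extract(salt: bytes, ikm: bytes) -> bytes:
    """HKDF-Extract: PRK = HMAC-Hash(salt, IKM); an empty salt means HASH_LEN zero bytes."""
    return hmac.new(salt or bytes(HASH_LEN), ikm, HASH).digest()


def hkdf_expand(prk: bytes, info: bytes, length: int) -> bytes:
    """HKDF-Expand: T(i) = HMAC-Hash(PRK, T(i-1) || info || i); output T(1) || T(2) || ... cut to length."""
    okm, block, counter = b"", b"", 1
    while len(okm) < length:
        block = hmac.new(prk, block + info + bytes([counter]), HASH).digest()
        okm += block
        counter += 1
    return okm[:length]


def hkdf_expand_label(secret: bytes, label: str, context: bytes, length: int) -> bytes:
    """HKDF-Expand-Label: info is the HkdfLabel struct {uint16 length; opaque label<7..255>; opaque context<0..255>}.
    The label is prefixed with "tls13 " so TLS 1.3 keys can never collide with another HKDF user's."""
    full_label = b"tls13 " + label.encode("ascii")
    hkdf_label = struct.pack("!H", length) + bytes([len(full_label)]) + full_label + bytes([len(context)]) + context
    return hkdf_expand(secret, hkdf_label, length)


def derive_secret(secret: bytes, label: str, transcript: bytes) -> bytes:
    """Derive-Secret binds the handshake transcript: context = Transcript-Hash(messages)."""
    return hkdf_expand_label(secret, label, HASH(transcript).digest(), HASH_LEN)


def key_schedule(psk: Optional[bytes], ecdhe: Optional[bytes],
                 hello_transcript: bytes, finished_transcript: bytes) -> Dict[str, bytes]:
    """Walk Early -> Handshake -> Master secret. psk/ecdhe are None when that input is absent
    (RFC 8446 then substitutes HASH_LEN zero bytes); the transcripts are ClientHello..ServerHello
    and ClientHello..server Finished respectively."""
    zeros = bytes(HASH_LEN)
    early_secret = hkdf_extract(b"", psk or zeros)
    # Before new keying material is mixed in, the previous secret passes through Derive-Secret("derived"),
    # which domain-separates the PSK-only stage from the (EC)DHE stage.
    handshake_secret = hkdf_extract(derive_secret(early_secret, "derived", b""), ecdhe or zeros)
    master_secret = hkdf_extract(derive_secret(handshake_secret, "derived", b""), zeros)
    return {
        "early_secret": early_secret,
        "handshake_secret": handshake_secret,
        "client_handshake_traffic_secret": derive_secret(handshake_secret, "c hs traffic", hello_transcript),
        "server_handshake_traffic_secret": derive_secret(handshake_secret, "s hs traffic", hello_transcript),
        "master_secret": master_secret,
        "client_application_traffic_secret_0": derive_secret(master_secret, "c ap traffic", finished_transcript),
        "server_application_traffic_secret_0": derive_secret(master_secret, "s ap traffic", finished_transcript),
    }


def traffic_keys(traffic_secret: bytes, key_len: int = 16, iv_len: int = 12) -> Tuple[bytes, bytes]:
    """[sender]_write_key and [sender]_write_iv (RFC 8446 Section 7.3); 16/12 are the AES-128-GCM sizes."""
    return (hkdf_expand_label(traffic_secret, "key", b"", key_len),
            hkdf_expand_label(traffic_secret, "iv", b"", iv_len))


if __name__ == "__main__":
    # Constructed inputs: no PSK, a placeholder (EC)DHE shared secret, placeholder transcripts.
    secrets = key_schedule(None, b"\x42" * 32, b"ClientHello ServerHello", b"ClientHello ... Finished")
    for name, value in secrets.items():
        print(f"{name:36s} {value.hex()}")
    key, iv = traffic_keys(secrets["server_handshake_traffic_secret"])
    print("server handshake write key/iv", key.hex(), iv.hex())
```

With no PSK the Early Secret is HKDF-Extract over all-zero inputs, which is why every non-resumed TLS 1.3 handshake with SHA-256 starts from the same constant; the first secret that depends on the connection is the Handshake Secret, and the client/server traffic secrets differ only by the label and the transcript hash mixed in through Derive-Secret. The functions above can be checked against the published vectors of [RFC 5869] (HKDF) and RFC 8448 (the TLS 1.3 handshake traces).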
!! Other Major differences from [TLS 1.2] include:
* __Removing support__ for [Cryptographically Weak] and lesser-used named [Elliptic Curves]
* __Removing support__ for [MD5] and [SHA-224] [cryptographic Hash Functions]
* __Requiring [Digital Signatures]__ even when a previous configuration is used
* __Replacing [TLS Session Resumption]__ with [PSK] and tickets
* Supporting [1-RTT Handshakes] and initial support for [0-RTT Handshakes]
* All handshake messages after the [ServerHello] are now [encrypted].
* [Key Derivation Functions] have been re-designed, with the [HMAC]-based Extract-and-Expand [Key Derivation Function] ([HKDF]) being used as a primitive.
* Integrating use of session hash
* __[Deprecating|Deprecated]__ use of the [record layer version number|Record Protocol] and freezing the number for improved backwards compatibility
* Moving some security-related algorithm details from an appendix to the specification and relegating ClientKeyShare to an appendix
* Integrating [HKDF] and the semi-[ephemeral] [Diffie-Hellman] proposal
* All [Symmetric Key Cryptography] [algorithms] use [Authenticated Encryption with Associated Data] ([AEAD]).
* [RSA] signatures now use [Probabilistic Signature Scheme] (RSASSA-PSS) padding; PKCS#1 v1.5 signatures are no longer used in handshake messages, although they may still appear in [certificates]
* Addition of the [ChaCha20] [Stream Cipher] with the [Poly1305] [Message Authentication Code] (The only [Stream Cipher] supported)
* Addition of the [Ed25519] and [Ed448] digital signature algorithms
* Addition of the [x25519] and [x448] [Key-Exchange] [protocols]
! Dropping support for many insecure or [obsolete] features, including:
* [TLS Compression]
* [TLS Renegotiation] - [{$pagename}] forbids renegotiation; if a server that has negotiated [{$pagename}] receives a [ClientHello] at any other time, it [MUST] terminate the connection with an unexpected_message alert
* __non-[AEAD] ciphers__
* __static [RSA]__ - Those [Cipher Suites] which use the [Public Key] contained in the server [certificate] for [RSA key-exchange]; they provide no forward secrecy, so a leaked server private key exposes every recorded session
* __static [Diffie-Hellman key-exchange]__
* __custom [DHE] groups__
* point format negotiation
* [Change Cipher Spec protocol|Change_cipher_spec] - key changes are now implied by the handshake; a dummy change_cipher_spec record is only sent in middlebox compatibility mode and carries no meaning
* the gmt_unix_time field in the [ClientHello] and [ServerHello] Random values ([UNIX] time), now 32 purely random bytes
* the length field of the [AEAD] additional data (removed in early drafts; the final [RFC 8446] Section 5.2 uses the record header, i.e. type, legacy version and length, as the additional data)
* Prohibiting [SSL] or [RC4] negotiation for backwards compatibility
!! More Information
There might be more information for this subject on one of the following:
[{ReferringPagesPlugin before='*' after='\n' }]
----
* [#1] - [Transport_Layer_Security#TLS_1.3_.28draft.29|Wikipedia:Transport_Layer_Security#TLS_1.3_.28draft.29|target='_blank'] - based on information obtained 2017-02-22
* [#2] - [Introducing TLS 1.3|https://blog.cloudflare.com/introducing-tls-1-3/|target='_blank'] - based on information obtained 2017-03-02
* [#3] - [A Detailed Look at RFC 8446 (a.k.a. TLS 1.3)|https://blog.cloudflare.com/rfc-8446-aka-tls-1-3/|target='_blank'] - based on information obtained 2018-08-11