September 20, 2020

Transport Layer Security Protocol TLS 1.3 RFC 8446 officially released

2 min read

TLS 1.3 is the new TLS standard developed by the Internet Engineering Task Force (IETF). In the past five years, the IETF has been working on the standardization of the TLS 1.3 protocol. TLS is used to protect the Web (and more), providing encryption and ensuring the authenticity of each HTTPS website and API.

The latest version of TLS, TLS 1.3 ( RFC 8446 ), was released yesterday. This is the first significant reform of the agreement, bringing strong security and performance improvements.

TLS 1.3 is based on earlier TLS 1.2, but it is also entirely different from TLS 1.2 because the first important goal of TLS 1.3 design is to avoid the defects of the previous version. The main differences include:

  • Separate the key negotiation and authentication algorithms from the cipher suite
  • Remove fragile and less used named elliptic curve support
  • Remove support for MD5 and SHA-224 cryptographic hash functions
  • Request a digital signature, even if you used the previous configuration
  • Integrated HKDF and semi-transient DH offers
  • Replace recovery with PSK and credentials
  • Support 1-RTT handshake and initially support 0-RTT
  • Ensures forward security by using temporary keys during the (EC)DH key agreement
  • Abandon support for many insecure or outdated features, including data compression, renegotiation, non-AEAD codebooks, static RSA and static DH key exchange, custom DHE grouping, dot format negotiation, protocol change of password book specification, UNIX time Hello message, and length field AD is entered into the AEAD codebook
  • Prohibit SSL and RC4 negotiation for backward compatibility
  • Use of integrated session hashing
  • Deprecated record layer version number and freeze number for improved backward compatibility
  • Move some security-related algorithm details from the appendix to the standard and downgrade ClientKeyShare to the appendix
  • Add ChaCha20 stream encryption with Poly1305 message verification code
  • Add Ed25519 and Ed448 digital signature algorithms
  • Add x25519 and x448 key exchange protocols

Cloudflare also released a blog to give a detailed introduction to TLS 1.3 RFC 8446, and we may wish to pay attention.

Image: Cloudflare

In the IETF, the protocol is also known as RFC. TLS 1.0 is RFC 2246, TLS 1.1 is RFC 4346, and TLS 1.2 is RFC 5246. TLS 1.3 is now RFC 8446. RFCs are usually issued in order and retain 46 as part of the RFC number.

The main appeals driving the development of the TLS 1.3 agreement are:

  • Reduce the delay time of the handshake
  • Encrypt more handshake messages
  • Improve mobility against cross-protocol attacks
  • Delete legacy features

Currently, TLS 1.3 RFC 8446 has been officially released, and it is believed that as adoption increases, the new protocol will make the Internet faster and more secure.