TLS 1.3 and the return of common sense
Cryptography
Improved transport encryption couldn't have come at a better time. The new generation of Transport Layer Security (TLS) follows on the heels of a series of major cyberattacks that seem to be growing in severity: Alteryx, Tesla, Uber, … the list goes on and on.
The cybersecurity community is on high alert, and so is the executive suite. Forty-four percent of senior executives say that they feel "very" or "extremely" vulnerable to data threats [1] – that's almost one in two. In light of the EU General Data Protection Regulation (GDPR), its worldwide reach, and its steep penalties for data leaks, tightening the screws on cybersecurity has reached a new level of urgency. Businesses are willing to go out of their way to avoid drawing the ire of both the public and regulatory bodies. Given the sorry state of encryption, that is easier said than done.
An ever-growing multitude of cryptographic weaknesses and implementation vulnerabilities in existing TLS versions have rendered the standard all but obsolete. Meanwhile, the cloud revolution has democratized access to massive amounts of inexpensive computing power, putting average end users at a disadvantage. Moreover, the emergence of quantum computing poses a novel threat to pre-quantum encryption, like the ciphers used in TLS.
After a decade in service, TLS 1.2 is showing many signs of aging. The cryptographic building blocks of current versions of the TLS protocol are no match for the cryptographic capabilities of likely adversaries. Something has to give.
Attack Vectors Against TLS
Attack vectors against TLS target specific design flaws in the protocol itself (e.g., weak cryptographic primitives or purely conceptual blunders), third-party implementation vulnerabilities, or, more likely, both.
Design flaws in the cryptographic building blocks