A Look at the Improvements That TLS 1.3 Brings
Nearly a decade has passed since the previous major encryption protocol update, yet the age of TLS 1.3 is finally upon us. Although it's still very new, the new TLS is already getting a lot of attention from web developers. In addition to being faster and more secure, TLS 1.3 has numerous other improvements over its predecessors. This guide will explain how developers can take full advantage of the features the latest version of TLS has to offer.
What is TLS 1.3?
Transport Layer Security, or TLS, is a replacement for the older Secure Sockets Layer, or SSL. Consequently, you may see the terms TLS and SSL used interchangeably. Certificate authorities still tend to call TLS certificates "SSL certificates" because people are more familiar with the older protocol name.
The job of TLS is to secure data as it is transmitted between web browsers and servers. It uses symmetric cryptography to generate unique keys for each side via a process called the "TLS handshake." IP-based protocols like HTTPS, SMTP, POP3 and FTP all support TLS for encryption.
Whenever you see a padlock icon on the left side of your browser's address bar followed by "https", you know that you're viewing an encrypted webpage. The HTTPS protocol, which is responsible for securing most websites, APIs and backends for mobile apps, depends on TLS to secure communications.
TLS 1.2 became the web's standard back in 2008. Since then, hackers have discovered several vulnerabilities that have resulted in some high profile cyber attacks over the last few years. The amount of freedom developers have when configuring TLS 1.2 has presented problems because they often neglect to disable outdated features in an effort to accommodate older browsers. While websites should be accessible to as many people as possible, they also have to be safe for all visitors.
In contrast, the new version of TLS was designed with a "less is more" approach. Eliminating legacy features and streamlining configuration has made TLS safer and faster than ever before.
How does the new version of TLS differ from older versions?
Most web browsers currently depend upon TLS 1.2, which was defined in RFC 5246. This version brought some great improvements over its predecessor, which you can learn about in this TLS 1.2 vs TLS 1.1 comparison. That being said, some websites are already making the switch to version 1.3. The most noticeable differences in the newer version include:
1. Faster performance
Encryption always adds a little overhead to a webpage's overall performance, but TLS 1.3 offers faster encryption than even. While TLS 1.2 requires two round-trips to complete the TLS handshake, 1.3 gets the job done in just one trip, so it drastically cuts down on encryption latency.
The new TLS boasts another feature that gives it an extra speed boost: When users return to a TLS-secured website that they previously visited, it will load even faster because their browser will "remember" that the site is trustworthy. Therefore, it can send data to the server right away. This feature is known as "zero round trip time resumption," or 0-RTT.
2. Enhanced security
TLS 1.2 is secure so long as it's configured correctly, but improper configuration can leave websites open to cyber attacks. To offer better protection, version 1.3 has done away with numerous obsolete features that have known vulnerabilities including:
- Arbitrary Diffie-Hellman groups
- Export ciphers
- RSA key transport
Because the new protocol has been simplified, administrators are less likely to make mistakes that leave websites open to attacks during configuration.
Which browsers support the new TLS?
While there's plenty to be excited about, many browsers and SSL test services do not yet support TLS 1.3. The situation should change very soon, but in the meantime, you can enable the security protocol manually in some versions of Firefox and Chrome.
The most recent dev versions of these browsers now have TLS 1.3 enabled by default, but keep in mind that enabling the security protocol can cause some websites to break. You can check which security protocols your browser supports anytime by visiting the "My Client" webpage at SSL Labs.
How to enable TLS 1.3 in Chrome
If you're running Chrome 62+ you can follow these instructions to enable TLS1.3 in your browser:
chrome://flags/in the browser address bar.
- Search for
TLS 1.3 Early Dataand make sure the
Enabledoption is selected.
- Restart the browser.
When navigating to websites that support TLS 1.3 you should now see this protocol appear when viewing the security tab of Chrome DevTools.
How to enable TLS 1.3 in Firefox
- Download and install the latest version of Firefox.
- In the browser address bar, enter
- Change the
- Restart the browser.
Presumably, TLS 1.3 will be enabled by default in newer versions of all browsers, but TLS 1.2 will still be supported as well until 1.3 becomes more standard.
The TLS handshake
Before your browser can connect to an encrypted website, a set of shared cryptographic keys must be generated. This process, known as the TLS handshake or cryptographic handshake, involves sending information back and forth between the browser and the server. The image below depicts the difference between the handshake process in TLS 1.2 and 1.3.
As mentioned earlier, the newer version of TLS can complete the handshake in fewer steps than TLS 1.2. Doubling the speed of the handshake only makes a difference of a few milliseconds, but those milliseconds matter more than most people realize. The new zero round trip mode allows users to skip the handshake altogether on websites they've already visited, so upgrading to TLS 1.3 will make your web apps load even faster for your regular users.
Diving deeper into the benefits of TLS 1.3
Less latency, less problems
One of the biggest factors in page load time is latency, or the amount of time needed to transmit data between browser and server. Latency is especially relevant to mobile users and visitors who are geographically distant from the server. While encryption is vital to the modern web, it adds even more latency. Fortunately, the new version of TLS adds less latency than previous versions.
Everyone knows that page load times matter when it comes to retaining visitors, but few people realize just how big a difference a few milliseconds can make. For example, Amazon discovered that every 100 ms of latency leads to a 1 percent reduction in their sales. Likewise, Google found that a mere half-second increase in search page generation time caused traffic to drop by 20 percent. These losses add up over time; It's estimated that ecommerce platforms can lose up to $4 million in revenues annually for every millisecond they lag behind their competitors. Consequently, developers who are ready to switch to TLS 1.3 will have a huge head start.
Making the Internet safer
Internet security is also very important to businesses. Websites that store sensitive information about users on their servers are popular targets for hackers, and high profile hacks can irreversibly damage a company's reputation. The new TLS aims to address the security issues that plagued 1.2, so companies that make the switch are offering better protection for their customers and themselves. Connections can still revert to TLS 1.2 if necessary, but TLS 1.3 can tell if a fallback was caused by a man-in-the-middle attack and block the threat.
Some major websites never even upgraded to TLS 1.2, so getting them to adopt 1.3 might be a challenge. Nonetheless, the Payment Cards Industry Security Standards Council has asked payment processors to adopt a secure version of TLS by June 30, 2018.
While 1.2 carried a lot of unnecessary baggage left over from the original TLS, the new version is trimmer and better equipped to deal with attempted man-in-the-middle attacks and a collection of other cyber threats.
Challenges to implementing TLS 1.3
The finalized version of TLS 1.3 was expected to be ready earlier in 2017, but full deployment keeps getting delayed. While this hasn't stopped many developers from taking advantage of the draft version, others are being more diligent.
The biggest obstacle to full TLS 1.3 deployment has been faulty middlebox devices. Google and Firefox noticed connection failures when testing the new version of TLS because some middleboxes responsible for directing internet traffic automatically block messages that don't resemble known protocols. Therefore, more changes may be necessary to reduce the failure rate to an acceptable level.
These challenges are to be expected since implementing TLS 1.2 also came with a learning curve. Such "version intolerance" inspired browsers to include fallbacks, which led to a proliferation of old security vulnerabilities. TLS 1.3 features a new version negotiation mechanism to discourage browsers from implementing fallbacks, and Google has introduced its own mechanism called GREASE to help prevent connection failures.
The TLS protocol was designed for extensibility so that new features could be added without requiring existing clients to be updated. This feature has allowed TLS to adapt to changing algorithms and security requirements, but the amount of time it takes for new values to appear compared to the number of TLS implementations across the world has pushed that extensibility to its limits. The purpose of GREASE, which stands for Generate Random Extensions And Sustain Extensibility, is to identify interoperability issues by collecting information from around the world. Consequently, TLS is getting closer to perfection every day.
TLS 1.3 and KeyCDN
At KeyCDN we're excited about the official release of TLS 1.3 and are working towards making it available across all POP locations. We've currently enabled TLS 1.3 on select POPs and plan to expand it to all POPs moving forward. An official announcement will be made once TLS 1.3 has been fully integrated with all of our edge servers and is working smoothly across our infrastructure.
With the official release of TLS 1.3 approaching, these are exciting times in the world of security and web performance. Given that HTTP/2 was released just a couple of years ago (2015) and brought some major improvements to the world of web performance, the acceptance and use of TLS 1.3 will only further the goal of reducing latency and optimizing the web worldwide.
If you're still using a TLS 1.0 or 1.1 but aren't quite ready to make the jump to 1.3, it's a good idea to move to TLS 1.2 for the time being. This version of TLS is still secure and although has faults, is widely adopted and is currently the standard. Once TLS 1.3 becomes standardized, you may want to look more closely at moving to the latest version and reaping the benefits it brings.