Small Business Software Reviews, Services Insight and Resources


Changes in TLS 1.3 – The Toughest SSL Encryption Strength

TLS 1.3 is finally finished, published, official—whatever term you want to use—it’s ready. After nearly 30 drafts and several years of negotiations from various stakeholders, the fourth iteration of TLS is finally ready to be put into mass use.

Before there was Transport Layer Security there was Secure Sockets Layer, or SSL. SSL 1.0 was invented around 1997 but was too flawed to ever be pressed into action. Likewise, SSL 2.0 never got off the ground. SSL 3.0 was still in use until only a few years ago, but was also found to be flawed. So the eminent minds of the day (what? 15 years is an eternity in internet time) came together to work on a new standard: TLS.

We’re now on TLS 1.3. TLS versions 1.0 & 1.1 have largely been deprecated. SSL 3.0 is long gone. But it took ten years to get from TLS 1.2 to 1.3. So what took so long and what new features can internet users look forward to?

A More Efficient Handshake

The SSL handshake has long been a point of consternation. What the handshake refers to is the set of interactions that occur when a client first arrives at a website and receives its SSL certificate. While the handshake has come a long way, it can still add latency to an initial connection, which causes a web page to load more slowly—and that’s a problem for several reasons.

In previous iterations the SSL/TLS handshake has made multiple roundtrips, with the client and server sending information back and forth in multiple bursts. This has been refined for TLS 1.3: the handshake is now performed in a single roundtrip. This dramatically reduces the time the handshake takes and helps secure connections form faster. This is arguably the biggest change in TLS 1.3.

Deprecation of Outmoded Ciphers

The algorithms and ciphers that are used in modern encryption implementations don’t maintain their hardness forever. Hardness is the measure of how difficult a cryptosystem is to crack. It’s typically referred to in terms of key length, but the term can be used more broadly. As computers get more and more advanced, the ciphers and algorithms that are in use become less secure.

Here’s an example: the RSA cryptosystem is based on prime factorization. That makes it sufficiently difficult to crack using modern computers; this is owed to the binary system that modern computers run on. A computer can only guess a single value at once, owing to the known position of the bits. Quantum bits, or qubits, can be in superposition, or multiple positions at once, exponentially raising the number of guesses a quantum computer can make simultaneously. A 74-qubit computer can guess 2 to the 74th power potential outcomes at once. When quantum computers become more prevalent, RSA is going to be useless.

So what does that have to do with TLS 1.3? Well, in determining what algorithms, ciphers and cryptosystems to support, TLS 1.3’s creators have given it the best opportunity to maintain robust encryption in light of the oncoming threats it will face in the coming years. Gone are ciphers with known vulnerabilities or even the potential to become vulnerable before the next iteration of TLS.
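As an added illustration (not code from the original article), the Python below audits a server's configured cipher list against what TLS 1.3 still allows. The rules come from RFC 8446, which defines only five AEAD suites and drops static RSA key exchange, CBC mode, RC4, 3DES, MD5 and SHA-1; the function names and the sample cipher string are constructed for this example, and only explicit OpenSSL-style suite names are handled.

```python
# Added example: flag configured cipher suites that TLS 1.3 no longer allows.
# Rules follow RFC 8446; function names and the sample string are constructed.

# The only five suites defined for TLS 1.3, all AEAD constructions.
TLS13_SUITES = {
    "TLS_AES_128_GCM_SHA256", "TLS_AES_256_GCM_SHA384",
    "TLS_CHACHA20_POLY1305_SHA256", "TLS_AES_128_CCM_SHA256",
    "TLS_AES_128_CCM_8_SHA256",
}
AEAD_TOKENS = {"GCM", "CCM", "CCM8", "CHACHA20"}


def audit_suite(name):
    """Return why an OpenSSL-style suite name fails TLS 1.3's bar ([] = passes)."""
    if name in TLS13_SUITES:
        return []
    tokens = name.upper().split("-")
    reasons = []
    # OpenSSL names lead with the key exchange; without an ECDHE/DHE prefix
    # the suite uses a static exchange (e.g. RSA key transport).
    if tokens[0] not in ("ECDHE", "DHE"):
        reasons.append("no forward secrecy (static key exchange)")
    if "RC4" in tokens:
        reasons.append("RC4 stream cipher")
    elif "CBC3" in tokens:
        reasons.append("3DES block cipher")
    elif not AEAD_TOKENS.intersection(tokens):
        # OpenSSL usually omits the mode from the name when it is CBC.
        reasons.append("CBC mode (non-AEAD)")
    if tokens[-1] == "MD5":
        reasons.append("legacy MAC hash (MD5)")
    elif tokens[-1] == "SHA":
        reasons.append("legacy MAC hash (SHA-1)")
    return reasons


def audit_config(cipher_string):
    """Audit a colon-separated list of explicit suite names; skip '!' exclusions."""
    names = [n for n in cipher_string.split(":") if n and not n.startswith("!")]
    return {n: audit_suite(n) for n in names}


if __name__ == "__main__":
    # Constructed sample of a legacy server cipher list.
    sample = "ECDHE-RSA-AES128-GCM-SHA256:AES128-SHA:DES-CBC3-SHA:RC4-MD5:!aNULL"
    for suite, problems in audit_config(sample).items():
        print(f"{suite:32} {'OK' if not problems else '; '.join(problems)}")
```

A TLS 1.2 suite that passes every check here (ephemeral key exchange plus an AEAD cipher) is the kind whose design carried over into TLS 1.3.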

We may be a ways off from TLS 1.4, but until we get there TLS 1.3 should hold up just fine. Hopefully.
