Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Endpoint

7/2/2018
10:30 AM
David DeSanto
David DeSanto
Commentary
Connect Directly
Twitter
RSS
E-Mail vvv
100%
0%

Preparing for Transport Layer Security 1.3

The long-awaited encryption standard update is almost here. Get ready while you can to ensure security, interoperability, and performance.

Despite what may seem like draft after draft of specifications, along with continuous proclamations of "it's almost here!," the latest encryption standard, TLS v1.3, really is almost ready. The Network Working Group of the Internet Engineering Task Force has pushed to make Draft 28 of TLS v1.3 the final standard.

In addition, OpenSSL added Draft 28 to the pre-release version of its 1.1.1 software library; Google's Chrome browser added support for Draft 28, beginning with version 65; and Draft 28 is already enabled by default when accessing Gmail (using Chrome). Because TLS v1.3 will be here officially before you know it, now is the time to prepare.

Every organization should be focusing on three crucial issues to ensure the appropriate level of security, interoperability, and performance:

  1. How to handle zero round-trip-time resumption (0-RTT)
  2. Preparing for downgrades to TLS v1.2
  3. The need for infrastructure and application testing

Worth the Round Trip?
One highly discussed feature of TLS v1.3 is the 0-RTT option, which has the potential to significantly increase performance during an encrypted session between endpoints. Even without 0-RTT, TLS v1.3 speeds connection time between a client and server with a slimmer handshake protocol. Secure web communications using TLS v1.2 require two round trips between the client and server prior to the client making an HTTP request and the server generating a response. TLS v1.3 reduces the requirement to one round trip — which is only one round trip more than a simple nonencrypted HTTP transaction — and offers the ability to inherit trust to accomplish zero round trips, or 0-RTT.

Although the 0-RTT option potentially provides better performance, it creates a significant security risk. With 0-RTT, a transaction becomes easy prey for a replay attack, in which a threat actor can intercept an encrypted client message and resend it to the server, tricking the server into improperly extending trust to the threat actor and thus potentially granting the threat actor access to sensitive data.

Organizations should therefore be wary of allowing or using 0-RTT in their services and applications, due to the potential security risks. Developers need to be particularly attentive to this issue because it requires proactive configuration to ensure security. Unless your application or access is highly sensitive to latency, the new option is not worth the security risk.

Don't Let the Downgrade Drag Security Down
One of the great benefits of TLS v1.3 is that it eliminates support for legacy encryption standards and cipher suites. It allows backward compatibility to TLS v1.2, which, of course, is essential for transitioning to the new standard and to ensure interoperability. Before allowing a fallback to TLS v1.2, however, it is important to review your security settings. Any TLS v1.2 implementation must be configured to support higher security standards. Select strong cipher suites, including ones that leverage elliptic curve key exchange, use large asymmetric keys, and implement perfect forward secrecy. Disabling the lower cryptographic algorithms will help prevent security breaches such as man-in-the-middle attacks.

Testing 1, 2, 3…
Now is the time to be testing your infrastructure and applications for TLS v1.3 compatibility. Changing to this new encryption standard may be disruptive, and you will want to get ahead of any problems or issues. Test for interoperability, security, and performance in a combined, holistic manner, rather than as a series of separate tests that may encourage undesirable trade-offs in decision-making and implementation. Leverage highly realistic traffic mixes and require them to fully emulate your traffic's characteristics including the appropriate levels of encrypted traffic. Validate how internal and external users will interact with your systems and consider what this change in encryption may mean for an employee, customer, partner, or any other relevant stakeholder.

Test network clients, including mobile devices and tablets. Test servers, including any supporting equipment. Test all components of security equipment, including identity and access management systems, next-generation firewalls and data center firewalls, web proxies and SSL/TLS visibility solutions, IDS/IPS and endpoint security. Test storage and backup, both on-site and cloud-based. Test networking infrastructure, including wireless access points, any cloud resources, and anything else that might be involved with encrypted communication. Consider all applications, including email.

There is much to look forward to with TLS v1.3. New levels of security and performance will benefit everyone and address many issues with current encryption, despite the challenges. If you stay ahead of the process, you can transform changes into opportunities for improvement rather than problems that disrupt your business.

Related Content:

Learn from the industry's most knowledgeable CISOs and IT security experts in a setting that is conducive to interaction and conversation. Register before July 27 and save $700! Click for more info

David DeSanto is a security expert with more than 15 years of security research, software development, and product strategy experience. At Spirent, David focuses on driving innovation by looking holistically at security testing and defining product requirements with the ... View Full Bio
Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Why Cyber-Risk Is a C-Suite Issue
Marc Wilczek, Digital Strategist & CIO Advisor,  11/12/2019
Unreasonable Security Best Practices vs. Good Risk Management
Jack Freund, Director, Risk Science at RiskLens,  11/13/2019
6 Small-Business Password Managers
Curtis Franklin Jr., Senior Editor at Dark Reading,  11/8/2019
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: This comment is waiting for review by our moderators.
Current Issue
Navigating the Deluge of Security Data
In this Tech Digest, Dark Reading shares the experiences of some top security practitioners as they navigate volumes of security data. We examine some examples of how enterprises can cull this data to find the clues they need.
Flash Poll
Rethinking Enterprise Data Defense
Rethinking Enterprise Data Defense
Frustrated with recurring intrusions and breaches, cybersecurity professionals are questioning some of the industrys conventional wisdom. Heres a look at what theyre thinking about.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2019-11931
PUBLISHED: 2019-11-14
A stack-based buffer overflow could be triggered in WhatsApp by sending a specially crafted MP4 file to a WhatsApp user. The issue was present in parsing the elementary stream metadata of an MP4 file and could result in a DoS or RCE. This affects Android versions prior to 2.19.274, iOS versions prio...
CVE-2019-18980
PUBLISHED: 2019-11-14
On Signify Philips Taolight Smart Wi-Fi Wiz Connected LED Bulb 9290022656 devices, an unprotected API lets remote users control the bulb's operation. Anyone can turn the bulb on or off, or change its color or brightness remotely. There is no authentication or encryption to use the control API. The o...
CVE-2019-17391
PUBLISHED: 2019-11-14
An issue was discovered in the Espressif ESP32 mask ROM code 2016-06-08 0 through 2. Lack of anti-glitch mitigations in the first stage bootloader of the ESP32 chip allows an attacker (with physical access to the device) to read the contents of read-protected eFuses, such as flash encryption and sec...
CVE-2019-18651
PUBLISHED: 2019-11-14
A cross-site request forgery (CSRF) vulnerability in 3xLogic Infinias Access Control through 6.6.9586.0 allows remote attackers to execute malicious and unauthorized actions (e.g., delete application users) by sending a crafted HTML document to a user that the website trusts. The user needs to have ...
CVE-2019-18978
PUBLISHED: 2019-11-14
An issue was discovered in the rack-cors (aka Rack CORS Middleware) gem before 1.0.4 for Ruby. It allows ../ directory traversal to access private resources because resource matching does not ensure that pathnames are in a canonical format.