Customers who use the Internet to gain access to your organization’s online services expect to connect to the desired website securely. They also expect data transmitted over the Internet will remain confidential and not be modified by unauthorized parties. When a customer accesses an organization’s website, Secure Socket Layer (SSL)/Transport Layer Security (TLS) protocol provides the user with a secure connection. This secure connection allows your company to protect customer and user data, and it gives the customer the trust and confidence to provide such data over the Internet. Modern browsers support TLS 1.2 and TLS 1.3 protocols, but version 1.3 is significantly better.
SSL/TLS cryptographic protocols
The TLS protocol is the evolution of the Secure Socket Layer (SSL) protocol, the original protocol that was used to provide encryption over the Hypertext Transfer Protocol (HTTP) traffic, in the form of HTTP Secure (HTTPS). TLS 1.0 was introduced as a replacement to SSL. TLS 1.0 was replaced by 1.1, then 1.2, and in 2018, TLS 1.3 was finalized.
In addition to selecting the appropriate TLS version (e.g., TLS version 1.2 or 1.3), implementation is key to achieving the desired outcome (i.e. a secure connection). Organizations can achieve confidentiality, integrity, replay prevention and authentication when TLS is implemented correctly. The National Institute of Standards and Technology (NIST) requires that TLS 1.2 configured with Federal Information Processing Standards (FIPS)-based cipher suites be supported by all government TLS servers and clients and requires support for TLS 1.3 by January 1, 2024.
The difference between TLS 1.3 and TLS 1.2 is significant
The most important difference is that a TLS version 1.3 handshake takes less time than a TLS version 1.2 handshake. TLS 1.3 benefits include:
- Reduction of round-trip processing, resulting in a faster handshake
- Improvement of latency times by reducing the number of round trips
- Improvement of website performance and user experience due to reduced
- Use of perfect forward secrecy
- Removal of vulnerable algorithms and ciphers
Performance differences between TLS 1.2 and 1.3
Secure client-server connections are established by what is commonly referred to as the SSL/TLS handshake. The handshake involves a series of steps that require verification and authentication prior to establishing the secure connection between the client and the server. Essentially, the handshake creates a secure tunnel for communication over the Internet.
The TLS 1.2 handshake involves multiple communications or round trips between the server and client before finalizing a secure connection, imposing unnecessary performance and network overhead. A roundtrip results in a slower connection between the client and the server. TLS 1.3 reduces the number of roundtrips during the handshake. The shorter handshake results in faster secure connections. It also improves HTTPS performance by reducing page load times on mobile devices, which reduces latency and improves user experience.
Figure 1: Comparison of TLS handshakes. Image courtesy of A10 Networks.
Perfect forward secrecy
Perfect forward secrecy is a feature of SSL/TLS that prevents an attacker from being able to decrypt the data from historical or future sessions if they’re able to steal the private keys used in a particular session. You can think of forward secrecy as protecting against cybercriminals who work tirelessly to view or steal data that was previously transmitted between a client and server by using a compromised private key. Forward secrecy uses unique session keys that are generated frequently and automatically. It prevents an attacker from getting the session key by decrypting the data sent during the handshake.
TLS 1.2 vs 1.3: security
The TLS 1.3 version is more secure. To secure customer or user data transferred over the Internet, TLS/SSL uses one or more cipher suites. A cipher suite is a combination of authentication, encryption, and message authentication code algorithms. They are used during the negotiation of security settings for a TLS/SSL connection as well as for the transfer of data.
As part of the SSL/TLS handshake, the server and client agree on the cipher suite to be used for encrypted communication. TLS 1.3 supports cipher suites that do not include key exchange and signature algorithms. TLS version 1.2 used ciphers with cryptographic weaknesses that had security vulnerabilities. The following insecure features were removed from TLS 1.3:
While TLS version 1.2 is still used, migration to TLS version 1.3 is picking up steam due to the version’s simplicity, improved performance, data privacy and security. Properly implemented TLS 1.3 provides a faster connection which results in reduced latency. Reduced latency improves website performance and user experience. Simplifying cypher suites and removing insecure features and other vulnerabilities makes client-server connections even more secure. Considering that TLS 1.3 is not backwards compatible with TLS 1.2, businesses should consider supporting both versions for a certain period to secure data transactions with legacy systems and applications.
Migrating from TLS 1.2 to TLS 1.3 is a tremendous leap. The decision to upgrade, however, is an easy one if improving website performance, providing stronger security and building customer trust is an organizational goal.