Let's talk TLS 1.3
Red Hat Product Security Team
We are going to talk about:
What is SSL/TLS and why is it so important?
Security flaws affecting older versions of
What is new in TLS 1.3 (security, performance)
What is SSL/TLS a.k.a why do I
Most used protocol on the internet.
Currently all protocols are wrapped in SSL/TLS
to secure them on the internet.
Most flaws found with SSL/TLS, higher attack
Most implemented protocol on the internet:
OpenSSL, NSS, GnuTLS, Java, etc.
First of its kind!
Implementation flaw in heartbeat extension in
Led researchers to look deeper into SSL/TLS
Timing attack against CBC
Known previously, but this time they found a
novel way to exploit it.
All open source SSL/TLS code was found to be
Affects TLS 1.0 and earlier.
Purely a client-side flaw, normally affects
browsers with malicious extensions.
Can be used to predict plain text.
TLS 1.3 ?
There were others as well...
TLS 1.3 ?
We need a new protocol designed from ground
up with security in mind, rather than older
TLS 1.3 ?
Improvement in two major fields
– Performance (with security in mind)
Session resumption with TLS
– Servers keep track of sessions via session ids.
Client re-connects with session id to resume the
– After handshake, a session ticket (blob of session
key + associated data) encrypted with server key is
sent to be stored with the client.
– On resumption client presents this to the server.
Session resumption in TLS 1.3
Both of the previous methods are now obsolete.
Replaced by PSK mode in TLS 1.3
“The idea is that after a session is established, the
client and server can derive a shared secret called
the “resumption master secret”. This can either be
stored on the server with an id (session id style) or
encrypted by a key known only to the server (session
ticket style). This session ticket is sent to the client
and redeemed when resuming a connection.”
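
The two storage styles from the quote above, as an added Python sketch that is not part of the original slides. It goes one step further than the slide by deriving the per-ticket PSK from the resumption master secret as RFC 8446 (sections 4.6.1 and 7.1) specifies; the class names are hypothetical, and the ticket sealing is a standard-library stand-in (HMAC-SHA256 keystream plus HMAC tag) for the AEAD a real server would use.

```python
import hashlib, hmac, os, struct

def hkdf_expand_label(secret, label, context, length=32):
    # HKDF-Expand-Label (RFC 8446, section 7.1) with SHA-256.
    full = b"tls13 " + label.encode()
    info = struct.pack("!H", length) + bytes([len(full)]) + full + bytes([len(context)]) + context
    out, block, counter = b"", b"", 1
    while len(out) < length:
        block = hmac.new(secret, block + info + bytes([counter]), hashlib.sha256).digest()
        out, counter = out + block, counter + 1
    return out[:length]

def derive_psk(resumption_master_secret, ticket_nonce):
    # RFC 8446, section 4.6.1: per-ticket PSK from the resumption master secret.
    return hkdf_expand_label(resumption_master_secret, "resumption", ticket_nonce)

class SessionIdStyleServer:
    """Hypothetical name. Server keeps the secret; the client holds only a random lookup id."""
    def __init__(self):
        self.store = {}
    def issue(self, psk):
        ticket = os.urandom(16)
        self.store[ticket] = psk
        return ticket
    def redeem(self, ticket):
        return self.store.get(ticket)  # None means: do a full handshake

class SessionTicketStyleServer:
    """Hypothetical name. Server keeps only a key; the client holds the sealed secret.
    Assumption: HMAC keystream + HMAC tag stands in for a real AEAD (stdlib only)."""
    def __init__(self):
        master = os.urandom(32)  # known only to the server
        self.enc_key = hmac.new(master, b"enc", hashlib.sha256).digest()
        self.mac_key = hmac.new(master, b"mac", hashlib.sha256).digest()
    def _pad(self, iv):
        return hmac.new(self.enc_key, iv, hashlib.sha256).digest()  # 32 bytes, one PSK
    def issue(self, psk):
        iv = os.urandom(16)
        body = iv + bytes(a ^ b for a, b in zip(psk, self._pad(iv)))
        return body + hmac.new(self.mac_key, body, hashlib.sha256).digest()
    def redeem(self, ticket):
        body, tag = ticket[:-32], ticket[-32:]
        expected = hmac.new(self.mac_key, body, hashlib.sha256).digest()
        if len(body) != 48 or not hmac.compare_digest(tag, expected):
            return None  # forged, corrupted or foreign ticket: full handshake instead
        return bytes(a ^ b for a, b in zip(body[16:], self._pad(body[:16])))
```

The trade-off shows in what each server must protect: the first holds every session secret in memory, the second holds one key whose compromise exposes every outstanding ticket.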