SlideShare a Scribd company logo
TLS 1.2 vs TLS 1.3
What is TLS?
Transport Layer Security (TLS) is a foundational technology for online privacy. As
a cryptographic protocol, Transport Layer Security encrypts data and authenticates
connections when moving data over the internet via HTTP—an extension of the
protocol known as HTTPS (Hyper Text Transfer Protocol Secure). When a user visits
a website, their browser checks for a TLS certificate on the site. If one is present, their
browser performs a TLS handshake to check its validity and authenticate the server.
Once a link has been established between the two servers, TLS encryption and SSL
decryption enable secure data transport
SSL and TLS?
Transport Layer Security (TLS), Secure Sockets Layer (SSL) is a cryptographic
protocol that extends HTTP to authenticate internet connections and enable
encryption and SSL decryption for data communication over a network. In fact, TLS is
a direct evolution of SSL and introduced to address security vulnerabilities in the
earlier protocol. The differences between the two are relatively minor, such as the
stronger encryption algorithms and ability to work on different ports offered by TLS.
The terms are used somewhat interchangeably, and the same certificates can be
used with both TLS and SSL.
TLS 1.2 and TLS 1.3?
TLS version 1.2 was released in 2008. It is currently the most
widely implemented version of TLS. TLS 1.2 offers major
improvements over the older version, TLS 1.1.
A new version of TLS was launched in 2018 – the TLS 1.3
protocol. TLS 1.3 aims to solve all of the problems facing its
older version – TLS 1.2. While TLS 1.2 was a good choice for a
TLS protocol until recently, but now, TLS 1.3 offers a better
solution with a refreshing approach, especially for security-
related matters.
In October 2018, Apple, Google, Microsoft & Mozilla
(responsible for Chrome, Edge, IE, Firefox, and Safari
Issues with TLS 1.2 version
The new TLS 1.2 vulnerability, like the old POODLE, allows the
attacker to gain access to encrypted blocks of data – and then
gain exposure to plain text information – using side channels.
The procedure is this: if the victim visits, for example, a
non-encrypted website, malicious JavaScript is injected into
the victim’s browser. Once the browser is infected, a MITM
attack is executed and the attacker can grab the victim’s
cookies and credentials from a secure web session.
TLS 1.3 offers several improvements over earlier versions, most notably a faster TLS
handshake and simpler, more secure cipher suites. Zero Round-Trip Time (0-RTT) key
exchanges further streamline the TLS handshake. Together, these changes provide better
performance and stronger security.
TLS 1.3 offers faster Handshake
TLS encryption and SSL decryption require CPU time and add latency to network
communications, somewhat degrading performance. Under TLS 1.2, the initial
handshake was carried out in clear text, meaning that even it needed to be encrypted
and decrypted. Given that a typical handshake involved 5 – 7 packets exchanged
between the client and server, this added considerable overhead to the connection.
Under version 1.3, server certificate encryption was adopted by default, making it
possible for a TLS handshake to be performed with 0 – 3 packets, reducing or
eliminating this overhead and allowing faster, more responsive connections.
TLS 1.3 offers Simple, Stringer cipher Suites
In addition to reducing the number of packets to be exchanged during the
TLS handshake, version 1.3 has also shrunk the size of the cipher suites
used for encryption. In TLS 1.2 and earlier versions, the use of ciphers
with cryptographic weaknesses had posed potential security
vulnerabilities. TLS 1.3 includes support only for algorithms that currently
have no known vulnerabilities, including any that do not support Perfect
Forward Secrecy (PFS). The update has also removed the ability to
perform “renegotiation,” in which a client and server that already have a
TLS connection can negotiate new parameters and generate new keys, a
function that can increase risk.
TLS 1.2 vs
TLS 1.3
Handshake
process
TLS 1.2 vs TLS 1.3 version
TLS 1.2 handshake takes two round trips to complete
the TLS handshake, which adds network overhead and
latency to connections. Conversely, the TLS 1.3
handshake requires only one round trip from both
sides. This reduces the total setup time by half and
results in faster, highly-responsive HTTPS
connections.
Why to use TLS 1.3
TLS 1.3 takes a significant step forward in enhancing
security. It removes all primitive features that lead
to weak configurations. TLS 1.3 prevents common
SSL/TLS vulnerabilities such as DROWN, POODLE, SLOTH,
CRIME, and more.
TLS 1.3 improved performance
The performance improvement in TLS 1.3 is also brought
about by “Zero Round Trip Time Resumption or (0-RTT)”,
which means when a user tries to access a previously
visited website, the connection is instantly resumed
by exchanging the pre-shared keys from the previous
session. As the entire handshake process is
eliminated, the client can send data to the server on
the very first message.
TLS 1.3 vs TLS 1.2 comparison
The most important difference is that a TLS version 1.3 handshake takes less
time than a TLS version 1.2 handshake. TLS 1.3 benefits include:
•Reduction of round-trip processing, resulting in a faster handshake
•Improvement of latency times by reducing the number of round trips
•Improvement of website performance and user experience due to reduced
•Use of perfect forward secrecy
•Removal of vulnerable algorithms and ciphers
Summary
While TLS version 1.2 is still used, migration to TLS version 1.3 is
picking up steam due to the version’s simplicity, improved performance,
data privacy and security. Properly implemented TLS 1.3 provides a
faster connection which results in reduced latency. Reduced latency
improves website performance and user experience. Simplifying cypher
suites and removing insecure features and other vulnerabilities makes
client-server connections even more secure. Considering that TLS 1.3 is
not backwards compatible with TLS 1.2, businesses should consider
supporting both versions for a certain period to secure data transactions
with legacy systems and applications.
THANK YOU
Like the Video and Subscribe the Channel

More Related Content

Similar to Difference between TLS 1.2 vs TLS 1.3 and tutorial of TLS2 and TLS2 version comparison

Egor Podmokov - TLS from security point of view
Egor Podmokov - TLS from security point of viewEgor Podmokov - TLS from security point of view
Egor Podmokov - TLS from security point of view
Sergey Arkhipov
 
Sequere socket Layer
Sequere socket LayerSequere socket Layer
Sequere socket Layer
Raghavendra Rao
 
Comparative Analysis of Open-SSL Vulnerabilities & Heartbleed Exploit Detection
Comparative Analysis of Open-SSL Vulnerabilities & Heartbleed Exploit DetectionComparative Analysis of Open-SSL Vulnerabilities & Heartbleed Exploit Detection
Comparative Analysis of Open-SSL Vulnerabilities & Heartbleed Exploit Detection
CSCJournals
 
Differences to Know Between SSL & TLS certificate .pdf
Differences to Know Between SSL & TLS certificate .pdfDifferences to Know Between SSL & TLS certificate .pdf
Differences to Know Between SSL & TLS certificate .pdf
Host It Smart
 
CN
CNCN
CN
sowfi
 
Introducing TLS 1.3 – The future of Encryption
Introducing TLS 1.3 – The future of EncryptionIntroducing TLS 1.3 – The future of Encryption
Introducing TLS 1.3 – The future of Encryption
RapidSSLOnline.com
 
tor
tortor
Report on Heartbleed
Report on HeartbleedReport on Heartbleed
Report on Heartbleed
Shiva Sagar
 
Vulnerabilities of the SSL/TLS Protocol
Vulnerabilities of the SSL/TLS ProtocolVulnerabilities of the SSL/TLS Protocol
Vulnerabilities of the SSL/TLS Protocol
csandit
 
VULNERABILITIES OF THE SSL/TLS PROTOCOL
VULNERABILITIES OF THE SSL/TLS PROTOCOLVULNERABILITIES OF THE SSL/TLS PROTOCOL
VULNERABILITIES OF THE SSL/TLS PROTOCOL
cscpconf
 
Transport Layer Security
Transport Layer SecurityTransport Layer Security
Transport Layer Security
Sanjeev Kumar Jaiswal
 
SSL VS TLS.pptx
SSL VS TLS.pptxSSL VS TLS.pptx
SSL VS TLS.pptx
Vignesh kumar
 
What is TLS/SSL?
What is TLS/SSL? What is TLS/SSL?
What is TLS/SSL?
Shehzad Imran
 
CNIT 141: 13. TLS
CNIT 141: 13. TLSCNIT 141: 13. TLS
CNIT 141: 13. TLS
Sam Bowne
 
Performance Analysis of TLS Web Servers
Performance Analysis of TLS Web ServersPerformance Analysis of TLS Web Servers
Performance Analysis of TLS Web Servers
webhostingguy
 
Transport layer security.ppt
Transport layer security.pptTransport layer security.ppt
Transport layer security.ppt
ImXaib
 
Rootconf2019
Rootconf2019Rootconf2019
Rootconf2019
Huzaifa Sidhpurwala
 
CNIT 141 13. TLS
CNIT 141 13. TLSCNIT 141 13. TLS
CNIT 141 13. TLS
Sam Bowne
 
CNIT 141: 13. TLS
CNIT 141: 13. TLSCNIT 141: 13. TLS
CNIT 141: 13. TLS
Sam Bowne
 
Tls 1.3
Tls 1.3Tls 1.3
Tls 1.3
Kevin OBrien
 

Similar to Difference between TLS 1.2 vs TLS 1.3 and tutorial of TLS2 and TLS2 version comparison (20)

Egor Podmokov - TLS from security point of view
Egor Podmokov - TLS from security point of viewEgor Podmokov - TLS from security point of view
Egor Podmokov - TLS from security point of view
 
Sequere socket Layer
Sequere socket LayerSequere socket Layer
Sequere socket Layer
 
Comparative Analysis of Open-SSL Vulnerabilities & Heartbleed Exploit Detection
Comparative Analysis of Open-SSL Vulnerabilities & Heartbleed Exploit DetectionComparative Analysis of Open-SSL Vulnerabilities & Heartbleed Exploit Detection
Comparative Analysis of Open-SSL Vulnerabilities & Heartbleed Exploit Detection
 
Differences to Know Between SSL & TLS certificate .pdf
Differences to Know Between SSL & TLS certificate .pdfDifferences to Know Between SSL & TLS certificate .pdf
Differences to Know Between SSL & TLS certificate .pdf
 
CN
CNCN
CN
 
Introducing TLS 1.3 – The future of Encryption
Introducing TLS 1.3 – The future of EncryptionIntroducing TLS 1.3 – The future of Encryption
Introducing TLS 1.3 – The future of Encryption
 
tor
tortor
tor
 
Report on Heartbleed
Report on HeartbleedReport on Heartbleed
Report on Heartbleed
 
Vulnerabilities of the SSL/TLS Protocol
Vulnerabilities of the SSL/TLS ProtocolVulnerabilities of the SSL/TLS Protocol
Vulnerabilities of the SSL/TLS Protocol
 
VULNERABILITIES OF THE SSL/TLS PROTOCOL
VULNERABILITIES OF THE SSL/TLS PROTOCOLVULNERABILITIES OF THE SSL/TLS PROTOCOL
VULNERABILITIES OF THE SSL/TLS PROTOCOL
 
Transport Layer Security
Transport Layer SecurityTransport Layer Security
Transport Layer Security
 
SSL VS TLS.pptx
SSL VS TLS.pptxSSL VS TLS.pptx
SSL VS TLS.pptx
 
What is TLS/SSL?
What is TLS/SSL? What is TLS/SSL?
What is TLS/SSL?
 
CNIT 141: 13. TLS
CNIT 141: 13. TLSCNIT 141: 13. TLS
CNIT 141: 13. TLS
 
Performance Analysis of TLS Web Servers
Performance Analysis of TLS Web ServersPerformance Analysis of TLS Web Servers
Performance Analysis of TLS Web Servers
 
Transport layer security.ppt
Transport layer security.pptTransport layer security.ppt
Transport layer security.ppt
 
Rootconf2019
Rootconf2019Rootconf2019
Rootconf2019
 
CNIT 141 13. TLS
CNIT 141 13. TLSCNIT 141 13. TLS
CNIT 141 13. TLS
 
CNIT 141: 13. TLS
CNIT 141: 13. TLSCNIT 141: 13. TLS
CNIT 141: 13. TLS
 
Tls 1.3
Tls 1.3Tls 1.3
Tls 1.3
 

More from jeetendra mandal

what is OSI model
what is OSI modelwhat is OSI model
what is OSI model
jeetendra mandal
 
What is AWS Cloud Watch
What is AWS Cloud WatchWhat is AWS Cloud Watch
What is AWS Cloud Watch
jeetendra mandal
 
What is AWS Fargate
What is AWS FargateWhat is AWS Fargate
What is AWS Fargate
jeetendra mandal
 
Eventual consistency vs Strong consistency what is the difference
Eventual consistency vs Strong consistency what is the differenceEventual consistency vs Strong consistency what is the difference
Eventual consistency vs Strong consistency what is the difference
jeetendra mandal
 
Batch Processing vs Stream Processing Difference
Batch Processing vs Stream Processing DifferenceBatch Processing vs Stream Processing Difference
Batch Processing vs Stream Processing Difference
jeetendra mandal
 
Difference between Database vs Data Warehouse vs Data Lake
Difference between Database vs Data Warehouse vs Data LakeDifference between Database vs Data Warehouse vs Data Lake
Difference between Database vs Data Warehouse vs Data Lake
jeetendra mandal
 
Difference between Client Polling vs Server Push vs Websocket vs Long Polling
Difference between Client Polling vs Server Push vs Websocket vs Long PollingDifference between Client Polling vs Server Push vs Websocket vs Long Polling
Difference between Client Polling vs Server Push vs Websocket vs Long Polling
jeetendra mandal
 
Difference Program vs Process vs Thread
Difference Program vs Process vs ThreadDifference Program vs Process vs Thread
Difference Program vs Process vs Thread
jeetendra mandal
 
Carrier Advice for a JAVA Developer How to Become a Java Programmer
Carrier Advice for a JAVA Developer How to Become a Java ProgrammerCarrier Advice for a JAVA Developer How to Become a Java Programmer
Carrier Advice for a JAVA Developer How to Become a Java Programmer
jeetendra mandal
 
How to become a Software Tester Carrier Path for Software Quality Tester
How to become a Software Tester Carrier Path for Software Quality TesterHow to become a Software Tester Carrier Path for Software Quality Tester
How to become a Software Tester Carrier Path for Software Quality Tester
jeetendra mandal
 
How to become a Software Engineer Carrier Path for Software Developer
How to become a Software Engineer Carrier Path for Software DeveloperHow to become a Software Engineer Carrier Path for Software Developer
How to become a Software Engineer Carrier Path for Software Developer
jeetendra mandal
 
Events vs Notifications
Events vs NotificationsEvents vs Notifications
Events vs Notifications
jeetendra mandal
 
Microservice Architecture Software Architecture Microservice Design Pattern
Microservice Architecture Software Architecture Microservice Design PatternMicroservice Architecture Software Architecture Microservice Design Pattern
Microservice Architecture Software Architecture Microservice Design Pattern
jeetendra mandal
 
Event Driven Software Architecture Pattern
Event Driven Software Architecture PatternEvent Driven Software Architecture Pattern
Event Driven Software Architecture Pattern
jeetendra mandal
 
Top 5 Software Architecture Pattern Event Driven SOA Microservice Serverless ...
Top 5 Software Architecture Pattern Event Driven SOA Microservice Serverless ...Top 5 Software Architecture Pattern Event Driven SOA Microservice Serverless ...
Top 5 Software Architecture Pattern Event Driven SOA Microservice Serverless ...
jeetendra mandal
 
Observability vs APM vs Monitoring Comparison
Observability vs APM vs  Monitoring ComparisonObservability vs APM vs  Monitoring Comparison
Observability vs APM vs Monitoring Comparison
jeetendra mandal
 
Disaster Recovery vs Data Backup what is the difference
Disaster Recovery vs Data Backup what is the differenceDisaster Recovery vs Data Backup what is the difference
Disaster Recovery vs Data Backup what is the difference
jeetendra mandal
 
What is Spinnaker? Spinnaker tutorial
What is Spinnaker? Spinnaker tutorialWhat is Spinnaker? Spinnaker tutorial
What is Spinnaker? Spinnaker tutorial
jeetendra mandal
 
Difference between Github vs Gitlab vs Bitbucket
Difference between Github vs Gitlab vs BitbucketDifference between Github vs Gitlab vs Bitbucket
Difference between Github vs Gitlab vs Bitbucket
jeetendra mandal
 
Difference between Git and Github
Difference between Git and GithubDifference between Git and Github
Difference between Git and Github
jeetendra mandal
 

More from jeetendra mandal (20)

what is OSI model
what is OSI modelwhat is OSI model
what is OSI model
 
What is AWS Cloud Watch
What is AWS Cloud WatchWhat is AWS Cloud Watch
What is AWS Cloud Watch
 
What is AWS Fargate
What is AWS FargateWhat is AWS Fargate
What is AWS Fargate
 
Eventual consistency vs Strong consistency what is the difference
Eventual consistency vs Strong consistency what is the differenceEventual consistency vs Strong consistency what is the difference
Eventual consistency vs Strong consistency what is the difference
 
Batch Processing vs Stream Processing Difference
Batch Processing vs Stream Processing DifferenceBatch Processing vs Stream Processing Difference
Batch Processing vs Stream Processing Difference
 
Difference between Database vs Data Warehouse vs Data Lake
Difference between Database vs Data Warehouse vs Data LakeDifference between Database vs Data Warehouse vs Data Lake
Difference between Database vs Data Warehouse vs Data Lake
 
Difference between Client Polling vs Server Push vs Websocket vs Long Polling
Difference between Client Polling vs Server Push vs Websocket vs Long PollingDifference between Client Polling vs Server Push vs Websocket vs Long Polling
Difference between Client Polling vs Server Push vs Websocket vs Long Polling
 
Difference Program vs Process vs Thread
Difference Program vs Process vs ThreadDifference Program vs Process vs Thread
Difference Program vs Process vs Thread
 
Carrier Advice for a JAVA Developer How to Become a Java Programmer
Carrier Advice for a JAVA Developer How to Become a Java ProgrammerCarrier Advice for a JAVA Developer How to Become a Java Programmer
Carrier Advice for a JAVA Developer How to Become a Java Programmer
 
How to become a Software Tester Carrier Path for Software Quality Tester
How to become a Software Tester Carrier Path for Software Quality TesterHow to become a Software Tester Carrier Path for Software Quality Tester
How to become a Software Tester Carrier Path for Software Quality Tester
 
How to become a Software Engineer Carrier Path for Software Developer
How to become a Software Engineer Carrier Path for Software DeveloperHow to become a Software Engineer Carrier Path for Software Developer
How to become a Software Engineer Carrier Path for Software Developer
 
Events vs Notifications
Events vs NotificationsEvents vs Notifications
Events vs Notifications
 
Microservice Architecture Software Architecture Microservice Design Pattern
Microservice Architecture Software Architecture Microservice Design PatternMicroservice Architecture Software Architecture Microservice Design Pattern
Microservice Architecture Software Architecture Microservice Design Pattern
 
Event Driven Software Architecture Pattern
Event Driven Software Architecture PatternEvent Driven Software Architecture Pattern
Event Driven Software Architecture Pattern
 
Top 5 Software Architecture Pattern Event Driven SOA Microservice Serverless ...
Top 5 Software Architecture Pattern Event Driven SOA Microservice Serverless ...Top 5 Software Architecture Pattern Event Driven SOA Microservice Serverless ...
Top 5 Software Architecture Pattern Event Driven SOA Microservice Serverless ...
 
Observability vs APM vs Monitoring Comparison
Observability vs APM vs  Monitoring ComparisonObservability vs APM vs  Monitoring Comparison
Observability vs APM vs Monitoring Comparison
 
Disaster Recovery vs Data Backup what is the difference
Disaster Recovery vs Data Backup what is the differenceDisaster Recovery vs Data Backup what is the difference
Disaster Recovery vs Data Backup what is the difference
 
What is Spinnaker? Spinnaker tutorial
What is Spinnaker? Spinnaker tutorialWhat is Spinnaker? Spinnaker tutorial
What is Spinnaker? Spinnaker tutorial
 
Difference between Github vs Gitlab vs Bitbucket
Difference between Github vs Gitlab vs BitbucketDifference between Github vs Gitlab vs Bitbucket
Difference between Github vs Gitlab vs Bitbucket
 
Difference between Git and Github
Difference between Git and GithubDifference between Git and Github
Difference between Git and Github
 

Recently uploaded

Russian Girls Call Mumbai 🎈🔥9930687706 🔥💋🎈 Provide Best And Top Girl Service ...
Russian Girls Call Mumbai 🎈🔥9930687706 🔥💋🎈 Provide Best And Top Girl Service ...Russian Girls Call Mumbai 🎈🔥9930687706 🔥💋🎈 Provide Best And Top Girl Service ...
Russian Girls Call Mumbai 🎈🔥9930687706 🔥💋🎈 Provide Best And Top Girl Service ...
shanihomely
 
Mumbai Girls Call Mumbai 🎈🔥9930687706 🔥💋🎈 Provide Best And Top Girl Service A...
Mumbai Girls Call Mumbai 🎈🔥9930687706 🔥💋🎈 Provide Best And Top Girl Service A...Mumbai Girls Call Mumbai 🎈🔥9930687706 🔥💋🎈 Provide Best And Top Girl Service A...
Mumbai Girls Call Mumbai 🎈🔥9930687706 🔥💋🎈 Provide Best And Top Girl Service A...
3610stuck
 
03. Ruby Variables & Regex - Ruby Core Teaching
03. Ruby Variables & Regex - Ruby Core Teaching03. Ruby Variables & Regex - Ruby Core Teaching
03. Ruby Variables & Regex - Ruby Core Teaching
quanhoangd129
 
How to Secure Your Kubernetes Software Supply Chain at Scale
How to Secure Your Kubernetes Software Supply Chain at ScaleHow to Secure Your Kubernetes Software Supply Chain at Scale
How to Secure Your Kubernetes Software Supply Chain at Scale
Anchore
 
Unlocking value with event-driven architecture by Confluent
Unlocking value with event-driven architecture by ConfluentUnlocking value with event-driven architecture by Confluent
Unlocking value with event-driven architecture by Confluent
confluent
 
07. Ruby String Slides - Ruby Core Teaching
07. Ruby String Slides - Ruby Core Teaching07. Ruby String Slides - Ruby Core Teaching
07. Ruby String Slides - Ruby Core Teaching
quanhoangd129
 
High Girls Call Chennai 000XX00000 Provide Best And Top Girl Service And No1 ...
High Girls Call Chennai 000XX00000 Provide Best And Top Girl Service And No1 ...High Girls Call Chennai 000XX00000 Provide Best And Top Girl Service And No1 ...
High Girls Call Chennai 000XX00000 Provide Best And Top Girl Service And No1 ...
singhlata50dh
 
Agra Girls Call Agra 0X0000000X Unlimited Short Providing Girls Service Avail...
Agra Girls Call Agra 0X0000000X Unlimited Short Providing Girls Service Avail...Agra Girls Call Agra 0X0000000X Unlimited Short Providing Girls Service Avail...
Agra Girls Call Agra 0X0000000X Unlimited Short Providing Girls Service Avail...
rachitkumar09887
 
Old Tools, New Tricks: Unleashing the Power of Time-Tested Testing Tools
Old Tools, New Tricks: Unleashing the Power of Time-Tested Testing ToolsOld Tools, New Tricks: Unleashing the Power of Time-Tested Testing Tools
Old Tools, New Tricks: Unleashing the Power of Time-Tested Testing Tools
Benjamin Bischoff
 
Test Polarity: Detecting Positive and Negative Tests (FSE 2024)
Test Polarity: Detecting Positive and Negative Tests (FSE 2024)Test Polarity: Detecting Positive and Negative Tests (FSE 2024)
Test Polarity: Detecting Positive and Negative Tests (FSE 2024)
andrehoraa
 
Verified Girls Call Mumbai 👀 9820252231 👀 Cash Payment With Room DeliveryDeli...
Verified Girls Call Mumbai 👀 9820252231 👀 Cash Payment With Room DeliveryDeli...Verified Girls Call Mumbai 👀 9820252231 👀 Cash Payment With Room DeliveryDeli...
Verified Girls Call Mumbai 👀 9820252231 👀 Cash Payment With Room DeliveryDeli...
87tomato
 
GT degree offer diploma Transcript
GT degree offer diploma TranscriptGT degree offer diploma Transcript
GT degree offer diploma Transcript
attueb
 
AI - Your Startup Sidekick (Leveraging AI to Bootstrap a Lean Startup).pdf
AI - Your Startup Sidekick (Leveraging AI to Bootstrap a Lean Startup).pdfAI - Your Startup Sidekick (Leveraging AI to Bootstrap a Lean Startup).pdf
AI - Your Startup Sidekick (Leveraging AI to Bootstrap a Lean Startup).pdf
Daniel Zivkovic
 
Celebrity Girls Call Mumbai 9930687706 Unlimited Short Providing Girls Servic...
Celebrity Girls Call Mumbai 9930687706 Unlimited Short Providing Girls Servic...Celebrity Girls Call Mumbai 9930687706 Unlimited Short Providing Girls Servic...
Celebrity Girls Call Mumbai 9930687706 Unlimited Short Providing Girls Servic...
kiara pandey
 
Applitools Autonomous 2.0 Sneak Peek.pdf
Applitools Autonomous 2.0 Sneak Peek.pdfApplitools Autonomous 2.0 Sneak Peek.pdf
Applitools Autonomous 2.0 Sneak Peek.pdf
Applitools
 
OpenChain Webinar: IAV, TimeToAct and ISO/IEC 5230 - Third-Party Certificatio...
OpenChain Webinar: IAV, TimeToAct and ISO/IEC 5230 - Third-Party Certificatio...OpenChain Webinar: IAV, TimeToAct and ISO/IEC 5230 - Third-Party Certificatio...
OpenChain Webinar: IAV, TimeToAct and ISO/IEC 5230 - Third-Party Certificatio...
Shane Coughlan
 
Busty Girls Call Mumbai 9930245274 Unlimited Short Providing Girls Service Av...
Busty Girls Call Mumbai 9930245274 Unlimited Short Providing Girls Service Av...Busty Girls Call Mumbai 9930245274 Unlimited Short Providing Girls Service Av...
Busty Girls Call Mumbai 9930245274 Unlimited Short Providing Girls Service Av...
revolutionary575
 
05. Ruby Control Structures - Ruby Core Teaching
05. Ruby Control Structures - Ruby Core Teaching05. Ruby Control Structures - Ruby Core Teaching
05. Ruby Control Structures - Ruby Core Teaching
quanhoangd129
 
Celebrity Girls Call Mumbai 🛵🚡9910780858 💃 Choose Best And Top Girl Service A...
Celebrity Girls Call Mumbai 🛵🚡9910780858 💃 Choose Best And Top Girl Service A...Celebrity Girls Call Mumbai 🛵🚡9910780858 💃 Choose Best And Top Girl Service A...
Celebrity Girls Call Mumbai 🛵🚡9910780858 💃 Choose Best And Top Girl Service A...
norina2645
 
Russian Girls Call Mumbai 🛵🚡9833363713 💃 Choose Best And Top Girl Service And...
Russian Girls Call Mumbai 🛵🚡9833363713 💃 Choose Best And Top Girl Service And...Russian Girls Call Mumbai 🛵🚡9833363713 💃 Choose Best And Top Girl Service And...
Russian Girls Call Mumbai 🛵🚡9833363713 💃 Choose Best And Top Girl Service And...
dream girl
 

Recently uploaded (20)

Russian Girls Call Mumbai 🎈🔥9930687706 🔥💋🎈 Provide Best And Top Girl Service ...
Russian Girls Call Mumbai 🎈🔥9930687706 🔥💋🎈 Provide Best And Top Girl Service ...Russian Girls Call Mumbai 🎈🔥9930687706 🔥💋🎈 Provide Best And Top Girl Service ...
Russian Girls Call Mumbai 🎈🔥9930687706 🔥💋🎈 Provide Best And Top Girl Service ...
 
Mumbai Girls Call Mumbai 🎈🔥9930687706 🔥💋🎈 Provide Best And Top Girl Service A...
Mumbai Girls Call Mumbai 🎈🔥9930687706 🔥💋🎈 Provide Best And Top Girl Service A...Mumbai Girls Call Mumbai 🎈🔥9930687706 🔥💋🎈 Provide Best And Top Girl Service A...
Mumbai Girls Call Mumbai 🎈🔥9930687706 🔥💋🎈 Provide Best And Top Girl Service A...
 
03. Ruby Variables & Regex - Ruby Core Teaching
03. Ruby Variables & Regex - Ruby Core Teaching03. Ruby Variables & Regex - Ruby Core Teaching
03. Ruby Variables & Regex - Ruby Core Teaching
 
How to Secure Your Kubernetes Software Supply Chain at Scale
How to Secure Your Kubernetes Software Supply Chain at ScaleHow to Secure Your Kubernetes Software Supply Chain at Scale
How to Secure Your Kubernetes Software Supply Chain at Scale
 
Unlocking value with event-driven architecture by Confluent
Unlocking value with event-driven architecture by ConfluentUnlocking value with event-driven architecture by Confluent
Unlocking value with event-driven architecture by Confluent
 
07. Ruby String Slides - Ruby Core Teaching
07. Ruby String Slides - Ruby Core Teaching07. Ruby String Slides - Ruby Core Teaching
07. Ruby String Slides - Ruby Core Teaching
 
High Girls Call Chennai 000XX00000 Provide Best And Top Girl Service And No1 ...
High Girls Call Chennai 000XX00000 Provide Best And Top Girl Service And No1 ...High Girls Call Chennai 000XX00000 Provide Best And Top Girl Service And No1 ...
High Girls Call Chennai 000XX00000 Provide Best And Top Girl Service And No1 ...
 
Agra Girls Call Agra 0X0000000X Unlimited Short Providing Girls Service Avail...
Agra Girls Call Agra 0X0000000X Unlimited Short Providing Girls Service Avail...Agra Girls Call Agra 0X0000000X Unlimited Short Providing Girls Service Avail...
Agra Girls Call Agra 0X0000000X Unlimited Short Providing Girls Service Avail...
 
Old Tools, New Tricks: Unleashing the Power of Time-Tested Testing Tools
Old Tools, New Tricks: Unleashing the Power of Time-Tested Testing ToolsOld Tools, New Tricks: Unleashing the Power of Time-Tested Testing Tools
Old Tools, New Tricks: Unleashing the Power of Time-Tested Testing Tools
 
Test Polarity: Detecting Positive and Negative Tests (FSE 2024)
Test Polarity: Detecting Positive and Negative Tests (FSE 2024)Test Polarity: Detecting Positive and Negative Tests (FSE 2024)
Test Polarity: Detecting Positive and Negative Tests (FSE 2024)
 
Verified Girls Call Mumbai 👀 9820252231 👀 Cash Payment With Room DeliveryDeli...
Verified Girls Call Mumbai 👀 9820252231 👀 Cash Payment With Room DeliveryDeli...Verified Girls Call Mumbai 👀 9820252231 👀 Cash Payment With Room DeliveryDeli...
Verified Girls Call Mumbai 👀 9820252231 👀 Cash Payment With Room DeliveryDeli...
 
GT degree offer diploma Transcript
GT degree offer diploma TranscriptGT degree offer diploma Transcript
GT degree offer diploma Transcript
 
AI - Your Startup Sidekick (Leveraging AI to Bootstrap a Lean Startup).pdf
AI - Your Startup Sidekick (Leveraging AI to Bootstrap a Lean Startup).pdfAI - Your Startup Sidekick (Leveraging AI to Bootstrap a Lean Startup).pdf
AI - Your Startup Sidekick (Leveraging AI to Bootstrap a Lean Startup).pdf
 
Celebrity Girls Call Mumbai 9930687706 Unlimited Short Providing Girls Servic...
Celebrity Girls Call Mumbai 9930687706 Unlimited Short Providing Girls Servic...Celebrity Girls Call Mumbai 9930687706 Unlimited Short Providing Girls Servic...
Celebrity Girls Call Mumbai 9930687706 Unlimited Short Providing Girls Servic...
 
Applitools Autonomous 2.0 Sneak Peek.pdf
Applitools Autonomous 2.0 Sneak Peek.pdfApplitools Autonomous 2.0 Sneak Peek.pdf
Applitools Autonomous 2.0 Sneak Peek.pdf
 
OpenChain Webinar: IAV, TimeToAct and ISO/IEC 5230 - Third-Party Certificatio...
OpenChain Webinar: IAV, TimeToAct and ISO/IEC 5230 - Third-Party Certificatio...OpenChain Webinar: IAV, TimeToAct and ISO/IEC 5230 - Third-Party Certificatio...
OpenChain Webinar: IAV, TimeToAct and ISO/IEC 5230 - Third-Party Certificatio...
 
Busty Girls Call Mumbai 9930245274 Unlimited Short Providing Girls Service Av...
Busty Girls Call Mumbai 9930245274 Unlimited Short Providing Girls Service Av...Busty Girls Call Mumbai 9930245274 Unlimited Short Providing Girls Service Av...
Busty Girls Call Mumbai 9930245274 Unlimited Short Providing Girls Service Av...
 
05. Ruby Control Structures - Ruby Core Teaching
05. Ruby Control Structures - Ruby Core Teaching05. Ruby Control Structures - Ruby Core Teaching
05. Ruby Control Structures - Ruby Core Teaching
 
Celebrity Girls Call Mumbai 🛵🚡9910780858 💃 Choose Best And Top Girl Service A...
Celebrity Girls Call Mumbai 🛵🚡9910780858 💃 Choose Best And Top Girl Service A...Celebrity Girls Call Mumbai 🛵🚡9910780858 💃 Choose Best And Top Girl Service A...
Celebrity Girls Call Mumbai 🛵🚡9910780858 💃 Choose Best And Top Girl Service A...
 
Russian Girls Call Mumbai 🛵🚡9833363713 💃 Choose Best And Top Girl Service And...
Russian Girls Call Mumbai 🛵🚡9833363713 💃 Choose Best And Top Girl Service And...Russian Girls Call Mumbai 🛵🚡9833363713 💃 Choose Best And Top Girl Service And...
Russian Girls Call Mumbai 🛵🚡9833363713 💃 Choose Best And Top Girl Service And...
 

Difference between TLS 1.2 vs TLS 1.3 and tutorial of TLS2 and TLS2 version comparison

  • 1. TLS 1.2 vs TLS 1.3
  • 2. What is TLS? Transport Layer Security (TLS) is a foundational technology for online privacy. As a cryptographic protocol, Transport Layer Security encrypts data and authenticates connections when moving data over the internet via HTTP—an extension of the protocol known as HTTPS (Hyper Text Transfer Protocol Secure). When a user visits a website, their browser checks for a TLS certificate on the site. If one is present, their browser performs a TLS handshake to check its validity and authenticate the server. Once a link has been established between the two servers, TLS encryption and SSL decryption enable secure data transport
  • 3. SSL and TLS? Transport Layer Security (TLS), Secure Sockets Layer (SSL) is a cryptographic protocol that extends HTTP to authenticate internet connections and enable encryption and SSL decryption for data communication over a network. In fact, TLS is a direct evolution of SSL and introduced to address security vulnerabilities in the earlier protocol. The differences between the two are relatively minor, such as the stronger encryption algorithms and ability to work on different ports offered by TLS. The terms are used somewhat interchangeably, and the same certificates can be used with both TLS and SSL.
  • 4. TLS 1.2 and TLS 1.3? TLS version 1.2 was released in 2008. It is currently the most widely implemented version of TLS. TLS 1.2 offers major improvements over the older version, TLS 1.1. A new version of TLS was launched in 2018 – the TLS 1.3 protocol. TLS 1.3 aims to solve all of the problems facing its older version – TLS 1.2. While TLS 1.2 was a good choice for a TLS protocol until recently, but now, TLS 1.3 offers a better solution with a refreshing approach, especially for security- related matters. In October 2018, Apple, Google, Microsoft & Mozilla (responsible for Chrome, Edge, IE, Firefox, and Safari
  • 5. Issues with TLS 1.2 version The new TLS 1.2 vulnerability, like the old POODLE, allows the attacker to gain access to encrypted blocks of data – and then gain exposure to plain text information – using side channels. The procedure is this: if the victim visits, for example, a non-encrypted website, malicious JavaScript is injected into the victim’s browser. Once the browser is infected, a MITM attack is executed and the attacker can grab the victim’s cookies and credentials from a secure web session.
  • 6. TLS 1.3 offers several improvements over earlier versions, most notably a faster TLS handshake and simpler, more secure cipher suites. Zero Round-Trip Time (0-RTT) key exchanges further streamline the TLS handshake. Together, these changes provide better performance and stronger security.
  • 7. TLS 1.3 offers faster Handshake TLS encryption and SSL decryption require CPU time and add latency to network communications, somewhat degrading performance. Under TLS 1.2, the initial handshake was carried out in clear text, meaning that even it needed to be encrypted and decrypted. Given that a typical handshake involved 5 – 7 packets exchanged between the client and server, this added considerable overhead to the connection. Under version 1.3, server certificate encryption was adopted by default, making it possible for a TLS handshake to be performed with 0 – 3 packets, reducing or eliminating this overhead and allowing faster, more responsive connections.
  • 8. TLS 1.3 offers Simple, Stringer cipher Suites In addition to reducing the number of packets to be exchanged during the TLS handshake, version 1.3 has also shrunk the size of the cipher suites used for encryption. In TLS 1.2 and earlier versions, the use of ciphers with cryptographic weaknesses had posed potential security vulnerabilities. TLS 1.3 includes support only for algorithms that currently have no known vulnerabilities, including any that do not support Perfect Forward Secrecy (PFS). The update has also removed the ability to perform “renegotiation,” in which a client and server that already have a TLS connection can negotiate new parameters and generate new keys, a function that can increase risk.
  • 9. TLS 1.2 vs TLS 1.3 Handshake process
  • 10. TLS 1.2 vs TLS 1.3 version TLS 1.2 handshake takes two round trips to complete the TLS handshake, which adds network overhead and latency to connections. Conversely, the TLS 1.3 handshake requires only one round trip from both sides. This reduces the total setup time by half and results in faster, highly-responsive HTTPS connections.
  • 11. Why to use TLS 1.3 TLS 1.3 takes a significant step forward in enhancing security. It removes all primitive features that lead to weak configurations. TLS 1.3 prevents common SSL/TLS vulnerabilities such as DROWN, POODLE, SLOTH, CRIME, and more.
  • 12. TLS 1.3 improved performance The performance improvement in TLS 1.3 is also brought about by “Zero Round Trip Time Resumption or (0-RTT)”, which means when a user tries to access a previously visited website, the connection is instantly resumed by exchanging the pre-shared keys from the previous session. As the entire handshake process is eliminated, the client can send data to the server on the very first message.
  • 13. TLS 1.3 vs TLS 1.2 comparison The most important difference is that a TLS version 1.3 handshake takes less time than a TLS version 1.2 handshake. TLS 1.3 benefits include: •Reduction of round-trip processing, resulting in a faster handshake •Improvement of latency times by reducing the number of round trips •Improvement of website performance and user experience due to reduced •Use of perfect forward secrecy •Removal of vulnerable algorithms and ciphers
  • 14. Summary While TLS version 1.2 is still used, migration to TLS version 1.3 is picking up steam due to the version’s simplicity, improved performance, data privacy and security. Properly implemented TLS 1.3 provides a faster connection which results in reduced latency. Reduced latency improves website performance and user experience. Simplifying cypher suites and removing insecure features and other vulnerabilities makes client-server connections even more secure. Considering that TLS 1.3 is not backwards compatible with TLS 1.2, businesses should consider supporting both versions for a certain period to secure data transactions with legacy systems and applications.
  • 15. THANK YOU Like the Video and Subscribe the Channel