Differences between TLS 1.2 and TLS 1.3

    • wolfSSL’s embedded SSL/TLS library has included support for TLS 1.3 since early releases of the TLS 1.3 draft. Since then, wolfSSL has remained up-to-date with the TLS 1.3 specification. In this post, the major upgrades of TLS 1.3 from TLS 1.2 are outlined below:

    TLS 1.3

    This protocol is defined in RFC 8446. TLS 1.3 contains improved security and speed. The major differences include:

    • The list of supported symmetric algorithms has been pruned of all legacy algorithms. The remaining algorithms all use Authenticated Encryption with Associated Data (AEAD) algorithms.
    • A zero-RTT (0-RTT) mode was added, saving a round-trip at connection setup for some application data at the cost of certain security properties.
    • Static RSA and Diffie-Hellman cipher suites have been removed; all public-key based key exchange mechanisms now provide forward secrecy.
    • All handshake messages after the ServerHello are now encrypted.
    • Key derivation functions have been re-designed, with the HMAC-based Extract-and-Expand Key Derivation Function (HKDF) being used as a primitive.
    • The handshake state machine has been restructured to be more consistent and remove superfluous messages.
    • ECC is now in the base spec  and includes new signature algorithms. Point format negotiation has been removed in favor of single point format for each curve.
    • Compression, custom DHE groups, and DSA have been removed, RSA padding now uses PSS.
    • TLS 1.2 version negotiation verification mechanism was deprecated in favor of a version list in an extension.
    • Session resumption with and without server-side state and the PSK-based ciphersuites of earlier versions of TLS have been replaced by a single new PSK exchange.

    More information about the TLS 1.3 protocol can be found here: https://www.wolfssl.com/docs/tls13/. Additionally, please contact facts@wolfssl.com for any questions.

    Resources:

    If you would like to read more about SSL or TLS, here are several resources that might be helpful:

    TLS – Wikipedia (http://en.wikipedia.org/wiki/Transport_Layer_Security)
    SSL versus TLS – What`s the Difference? (http://luxsci.com/blog/ssl-versus-tls-whats-the-difference.html)
    Cisco – SSL: Foundation for Web Security (http://www.cisco.com/web/about/ac123/ac147/archived_issues/ipj_1-1/ssl.html)