Endpoint

7/2/2018
10:30 AM
David DeSanto
David DeSanto
Commentary
Connect Directly
Twitter
RSS
E-Mail vvv
100%
0%

Preparing for Transport Layer Security 1.3

The long-awaited encryption standard update is almost here. Get ready while you can to ensure security, interoperability, and performance.

Despite what may seem like draft after draft of specifications, along with continuous proclamations of "it's almost here!," the latest encryption standard, TLS v1.3, really is almost ready. The Network Working Group of the Internet Engineering Task Force has pushed to make Draft 28 of TLS v1.3 the final standard.

In addition, OpenSSL added Draft 28 to the pre-release version of its 1.1.1 software library; Google's Chrome browser added support for Draft 28, beginning with version 65; and Draft 28 is already enabled by default when accessing Gmail (using Chrome). Because TLS v1.3 will be here officially before you know it, now is the time to prepare.

Every organization should be focusing on three crucial issues to ensure the appropriate level of security, interoperability, and performance:

  1. How to handle zero round-trip-time resumption (0-RTT)
  2. Preparing for downgrades to TLS v1.2
  3. The need for infrastructure and application testing

Worth the Round Trip?
One highly discussed feature of TLS v1.3 is the 0-RTT option, which has the potential to significantly increase performance during an encrypted session between endpoints. Even without 0-RTT, TLS v1.3 speeds connection time between a client and server with a slimmer handshake protocol. Secure web communications using TLS v1.2 require two round trips between the client and server prior to the client making an HTTP request and the server generating a response. TLS v1.3 reduces the requirement to one round trip — which is only one round trip more than a simple nonencrypted HTTP transaction — and offers the ability to inherit trust to accomplish zero round trips, or 0-RTT.

Although the 0-RTT option potentially provides better performance, it creates a significant security risk. With 0-RTT, a transaction becomes easy prey for a replay attack, in which a threat actor can intercept an encrypted client message and resend it to the server, tricking the server into improperly extending trust to the threat actor and thus potentially granting the threat actor access to sensitive data.

Organizations should therefore be wary of allowing or using 0-RTT in their services and applications, due to the potential security risks. Developers need to be particularly attentive to this issue because it requires proactive configuration to ensure security. Unless your application or access is highly sensitive to latency, the new option is not worth the security risk.

Don't Let the Downgrade Drag Security Down
One of the great benefits of TLS v1.3 is that it eliminates support for legacy encryption standards and cipher suites. It allows backward compatibility to TLS v1.2, which, of course, is essential for transitioning to the new standard and to ensure interoperability. Before allowing a fallback to TLS v1.2, however, it is important to review your security settings. Any TLS v1.2 implementation must be configured to support higher security standards. Select strong cipher suites, including ones that leverage elliptic curve key exchange, use large asymmetric keys, and implement perfect forward secrecy. Disabling the lower cryptographic algorithms will help prevent security breaches such as man-in-the-middle attacks.

Testing 1, 2, 3…
Now is the time to be testing your infrastructure and applications for TLS v1.3 compatibility. Changing to this new encryption standard may be disruptive, and you will want to get ahead of any problems or issues. Test for interoperability, security, and performance in a combined, holistic manner, rather than as a series of separate tests that may encourage undesirable trade-offs in decision-making and implementation. Leverage highly realistic traffic mixes and require them to fully emulate your traffic's characteristics including the appropriate levels of encrypted traffic. Validate how internal and external users will interact with your systems and consider what this change in encryption may mean for an employee, customer, partner, or any other relevant stakeholder.

Test network clients, including mobile devices and tablets. Test servers, including any supporting equipment. Test all components of security equipment, including identity and access management systems, next-generation firewalls and data center firewalls, web proxies and SSL/TLS visibility solutions, IDS/IPS and endpoint security. Test storage and backup, both on-site and cloud-based. Test networking infrastructure, including wireless access points, any cloud resources, and anything else that might be involved with encrypted communication. Consider all applications, including email.

There is much to look forward to with TLS v1.3. New levels of security and performance will benefit everyone and address many issues with current encryption, despite the challenges. If you stay ahead of the process, you can transform changes into opportunities for improvement rather than problems that disrupt your business.

Related Content:

Learn from the industry's most knowledgeable CISOs and IT security experts in a setting that is conducive to interaction and conversation. Register before July 27 and save $700! Click for more info

David DeSanto is a security expert with more than 15 years of security research, software development, and product strategy experience. At Spirent, David focuses on driving innovation by looking holistically at security testing and defining product requirements with the ... View Full Bio
Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Veterans Find New Roles in Enterprise Cybersecurity
Kelly Sheridan, Staff Editor, Dark Reading,  11/12/2018
Empathy: The Next Killer App for Cybersecurity?
Shay Colson, CISSP, Senior Manager, CyberClarity360,  11/13/2018
Understanding Evil Twin AP Attacks and How to Prevent Them
Ryan Orsi, Director of Product Management for Wi-Fi at WatchGuard Technologies,  11/14/2018
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
Flash Poll
Online Malware and Threats: A Profile of Today's Security Posture
Online Malware and Threats: A Profile of Today's Security Posture
This report offers insight on how security professionals plan to invest in cybersecurity, and how they are prioritizing their resources. Find out what your peers have planned today!
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2018-15769
PUBLISHED: 2018-11-16
RSA BSAFE Micro Edition Suite versions prior to 4.0.11 (in 4.0.x series) and versions prior to 4.1.6.2 (in 4.1.x series) contain a key management error issue. A malicious TLS server could potentially cause a Denial Of Service (DoS) on TLS clients during the handshake when a very large prime value is...
CVE-2018-18955
PUBLISHED: 2018-11-16
In the Linux kernel 4.15.x through 4.19.x before 4.19.2, map_write() in kernel/user_namespace.c allows privilege escalation because it mishandles nested user namespaces with more than 5 UID or GID ranges. A user who has CAP_SYS_ADMIN in an affected user namespace can bypass access controls on resour...
CVE-2018-19311
PUBLISHED: 2018-11-16
Centreon 3.4.x allows XSS via the Service field to the main.php?p=20201 URI, as demonstrated by the "Monitoring > Status Details > Services" screen.
CVE-2018-19312
PUBLISHED: 2018-11-16
Centreon 3.4.x allows SQL Injection via the searchVM parameter to the main.php?p=20408 URI.
CVE-2018-19318
PUBLISHED: 2018-11-16
SRCMS 3.0.0 allows CSRF via admin.php?m=Admin&c=manager&a=update to change the username and password of the super administrator account.