Endpoint

7/2/2018
10:30 AM
David DeSanto
David DeSanto
Commentary
Connect Directly
Twitter
RSS
E-Mail vvv
100%
0%

Preparing for Transport Layer Security 1.3

The long-awaited encryption standard update is almost here. Get ready while you can to ensure security, interoperability, and performance.

Despite what may seem like draft after draft of specifications, along with continuous proclamations of "it's almost here!," the latest encryption standard, TLS v1.3, really is almost ready. The Network Working Group of the Internet Engineering Task Force has pushed to make Draft 28 of TLS v1.3 the final standard.

In addition, OpenSSL added Draft 28 to the pre-release version of its 1.1.1 software library; Google's Chrome browser added support for Draft 28, beginning with version 65; and Draft 28 is already enabled by default when accessing Gmail (using Chrome). Because TLS v1.3 will be here officially before you know it, now is the time to prepare.

Every organization should be focusing on three crucial issues to ensure the appropriate level of security, interoperability, and performance:

  1. How to handle zero round-trip-time resumption (0-RTT)
  2. Preparing for downgrades to TLS v1.2
  3. The need for infrastructure and application testing

Worth the Round Trip?
One highly discussed feature of TLS v1.3 is the 0-RTT option, which has the potential to significantly increase performance during an encrypted session between endpoints. Even without 0-RTT, TLS v1.3 speeds connection time between a client and server with a slimmer handshake protocol. Secure web communications using TLS v1.2 require two round trips between the client and server prior to the client making an HTTP request and the server generating a response. TLS v1.3 reduces the requirement to one round trip — which is only one round trip more than a simple nonencrypted HTTP transaction — and offers the ability to inherit trust to accomplish zero round trips, or 0-RTT.

Although the 0-RTT option potentially provides better performance, it creates a significant security risk. With 0-RTT, a transaction becomes easy prey for a replay attack, in which a threat actor can intercept an encrypted client message and resend it to the server, tricking the server into improperly extending trust to the threat actor and thus potentially granting the threat actor access to sensitive data.

Organizations should therefore be wary of allowing or using 0-RTT in their services and applications, due to the potential security risks. Developers need to be particularly attentive to this issue because it requires proactive configuration to ensure security. Unless your application or access is highly sensitive to latency, the new option is not worth the security risk.

Don't Let the Downgrade Drag Security Down
One of the great benefits of TLS v1.3 is that it eliminates support for legacy encryption standards and cipher suites. It allows backward compatibility to TLS v1.2, which, of course, is essential for transitioning to the new standard and to ensure interoperability. Before allowing a fallback to TLS v1.2, however, it is important to review your security settings. Any TLS v1.2 implementation must be configured to support higher security standards. Select strong cipher suites, including ones that leverage elliptic curve key exchange, use large asymmetric keys, and implement perfect forward secrecy. Disabling the lower cryptographic algorithms will help prevent security breaches such as man-in-the-middle attacks.

Testing 1, 2, 3…
Now is the time to be testing your infrastructure and applications for TLS v1.3 compatibility. Changing to this new encryption standard may be disruptive, and you will want to get ahead of any problems or issues. Test for interoperability, security, and performance in a combined, holistic manner, rather than as a series of separate tests that may encourage undesirable trade-offs in decision-making and implementation. Leverage highly realistic traffic mixes and require them to fully emulate your traffic's characteristics including the appropriate levels of encrypted traffic. Validate how internal and external users will interact with your systems and consider what this change in encryption may mean for an employee, customer, partner, or any other relevant stakeholder.

Test network clients, including mobile devices and tablets. Test servers, including any supporting equipment. Test all components of security equipment, including identity and access management systems, next-generation firewalls and data center firewalls, web proxies and SSL/TLS visibility solutions, IDS/IPS and endpoint security. Test storage and backup, both on-site and cloud-based. Test networking infrastructure, including wireless access points, any cloud resources, and anything else that might be involved with encrypted communication. Consider all applications, including email.

There is much to look forward to with TLS v1.3. New levels of security and performance will benefit everyone and address many issues with current encryption, despite the challenges. If you stay ahead of the process, you can transform changes into opportunities for improvement rather than problems that disrupt your business.

Related Content:

Learn from the industry's most knowledgeable CISOs and IT security experts in a setting that is conducive to interaction and conversation. Register before July 27 and save $700! Click for more info

David DeSanto is a security expert with more than 15 years of security research, software development, and product strategy experience. At Spirent, David focuses on driving innovation by looking holistically at security testing and defining product requirements with the ... View Full Bio
Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
White House Cybersecurity Strategy at a Crossroads
Kelly Jackson Higgins, Executive Editor at Dark Reading,  7/17/2018
The Fundamental Flaw in Security Awareness Programs
Ira Winkler, CISSP, President, Secure Mentem,  7/19/2018
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Current Issue
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2018-14492
PUBLISHED: 2018-07-21
Tenda AC7 through V15.03.06.44_CN, AC9 through V15.03.05.19(6318)_CN, and AC10 through V15.03.06.23_CN devices have a Stack-based Buffer Overflow via a long limitSpeed or limitSpeedup parameter to an unspecified /goform URI.
CVE-2018-3770
PUBLISHED: 2018-07-20
A path traversal exists in markdown-pdf version <9.0.0 that allows a user to insert a malicious html code that can result in reading the local files.
CVE-2018-3771
PUBLISHED: 2018-07-20
An XSS in statics-server <= 0.0.9 can be used via injected iframe in the filename when statics-server displays directory index in the browser.
CVE-2018-5065
PUBLISHED: 2018-07-20
Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have a Use-after-free vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user.
CVE-2018-5066
PUBLISHED: 2018-07-20
Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have an Out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.