TLS 1.3: Lessons Learned from Implementing and Deploying the Latest Protocol

Presented at DeepSec 2016 „Ten“

Version 1.3 is the latest Transport Layer Security (TLS) protocol, which allows client/server applications to communicate over the Internet in a way that is designed to prevent eavesdropping, tampering, and message forgery. TLS is the S in HTTPS. TLS was last changed in 2008, and a lot of progress has been made since then. CloudFlare will be the first company to deploy this on a wide scale, and we'll be able to discuss the insights we gained while implementing and deploying this protocol. This talk will explore differences between TLS 1.3 and previous versions in detail, focusing on the security improvements of the new protocol as well as some of the challenges we face around securely implementing new features such as 0-RTT resumption. We'll also demonstrate an attack on the way some browsers have chosen to implement TLS 1.3.


Presenters:

  • Nick Sullivan - CloudFlare Inc.
    Nick Sullivan is a leading cryptography and security technologist. At CloudFlare, a top Internet performance and security company, Nick is responsible for overseeing all cryptographic products and strategies. Previously, he held the prestigious title of "Mathemagician" at Apple, where he encrypted books, songs, movies and other varieties of mass media.
