Exploring the Latest Version of Transport Layer Security

  
K. Harisaiprasad CISA, Associate Consultant, Mahindra SSG, New Delhi, India
| Posted at 3:02 PM by ISACA News | Category: Security

Transport Layer Security (TLS) is a cryptographic protocol that protects the privacy and integrity of information (logins, passwords, credit card numbers, personal correspondence, etc.) exchanged between two communicating applications. It encrypts data traveling between internet hosts, including mail servers, VPNs, and SIP-based voice, video and messaging applications. Its current version is 1.3, following the previous version, 1.2. Without TLS, browsing habits, emails and online chats can be monitored.

TLS is normally implemented on top of Transmission Control Protocol (TCP) in order to encrypt Application Layer protocols such as HTTP, FTP, SMTP and IMAP. It can also be implemented on the UDP, DCCP and SCTP protocols (for example, for SIP-based applications and VPNs). TLS can also be used in conjunction with other standard protocols, such as FTPS and DNS over TLS, to secure connections. To authenticate the communicating parties, TLS can be used with X.509 Public Key Infrastructure (PKI) certificates, which are issued by a trusted third party called a Certificate Authority (CA) that asserts the authenticity of the public key, and with DNSSEC.

Working of TLS 
TLS uses both symmetric and asymmetric cryptography for communication. In symmetric cryptography, a secret key known to both the sender and the receiver is used for encryption and decryption; 128-bit or 256-bit encryption is generally used in the industry. Asymmetric cryptography uses private and public keys: the sender encrypts data with the receiver's public key, and the receiver decrypts it with the corresponding private key. The advantage over symmetric encryption is that the encryption key does not have to be shared over a secure channel. Asymmetric encryption is used to generate and securely exchange a session key, which then encrypts and decrypts the data and is discarded afterward. Minimum key length should be at least 1024 bits. Because of the computation required by its large key lengths, asymmetric encryption is too slow for many purposes.

The TLS protocol has two layers: the TLS record protocol and the TLS handshake protocol. The TLS record protocol provides connection security and has two properties. The first is that the connection is private, which can be achieved with symmetric encryption, although the record protocol can also work without encryption. The second property is connection reliability. Various higher-level protocols are encapsulated using the TLS record protocol.

In the TLS handshake protocol, the client and server are authenticated and an encryption algorithm and cryptographic keys are negotiated before the application protocol transmits or receives its first byte of data. It has three properties. First, the peer's identity is authenticated using asymmetric, or public key, cryptography. Second, the shared secret is kept secure. Third, the integrity of the negotiated communication is assured. Connections can be terminated due to handshake failure or protocol error. TLS handshaking and the interpretation of authentication certificates are handled by designers and implementers, who should ensure authentication on at least the server side, and the confidentiality and integrity of the communication channel.

Three basic key exchange modes are available in TLS 1.3:

  • Diffie-Hellman (DHE) over Elliptic curve (EC) or Finite Fields
  • PSK-only
  • PSK with (EC) DHE
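
Which of the three modes a connection actually used can be read from the extensions in the server's ServerHello. The following Python is an added example, not code from the original post: it parses a ServerHello and names the selected mode. The function names are hypothetical, the sample messages are constructed with dummy values, and the extension numbers and HelloRetryRequest marker are taken from RFC 8446.

```python
import hashlib
import struct

# Extension numbers and the HelloRetryRequest marker come from RFC 8446.
EXT_PRE_SHARED_KEY, EXT_SUPPORTED_VERSIONS, EXT_KEY_SHARE = 41, 43, 51
HRR_RANDOM = hashlib.sha256(b"HelloRetryRequest").digest()
MODES = {(False, True): "(EC)DHE", (True, False): "PSK-only",
         (True, True): "PSK with (EC)DHE"}

def parse_server_hello(msg: bytes):
    """Return (random, extensions) from a ServerHello handshake message."""
    try:
        if msg[0] != 2:                            # handshake type 2 = ServerHello
            raise ValueError("not a ServerHello")
        body = msg[4:4 + int.from_bytes(msg[1:4], "big")]
        pos = 35 + body[34]                        # version, random, session id
        pos += 3                                   # cipher suite, compression
        exts, end = {}, len(body)
        if pos < end:                              # TLS 1.2 may omit extensions
            pos += 2
            if pos + int.from_bytes(body[pos - 2:pos], "big") != end:
                raise ValueError("bad extensions length")
        while pos < end:
            etype, elen = struct.unpack_from("!HH", body, pos)
            exts[etype] = body[pos + 4:pos + 4 + elen]
            pos += 4 + elen
        if pos != end:
            raise ValueError("bad extension length")
    except (IndexError, struct.error):
        raise ValueError("truncated ServerHello") from None
    return body[2:34], exts

def key_exchange_mode(msg: bytes) -> str:
    """Name the TLS 1.3 key exchange mode the server selected."""
    random, exts = parse_server_hello(msg)
    if exts.get(EXT_SUPPORTED_VERSIONS) != b"\x03\x04":
        return "not TLS 1.3"        # legacy_version is 0x0303 in 1.2 and 1.3 alike
    if random == HRR_RANDOM:
        return "HelloRetryRequest"  # same wire layout, no mode chosen yet
    return MODES.get((EXT_PRE_SHARED_KEY in exts, EXT_KEY_SHARE in exts), "invalid")

def build_server_hello(ext_types, random=bytes(32)) -> bytes:
    """Constructed sample input: a minimal ServerHello with dummy values."""
    data = {EXT_SUPPORTED_VERSIONS: b"\x03\x04", EXT_PRE_SHARED_KEY: b"\x00\x00",
            EXT_KEY_SHARE: b"\x00\x1d\x00\x20" + bytes(32)}   # x25519, zero key
    exts = b"".join(struct.pack("!HH", t, len(data[t])) + data[t] for t in ext_types)
    body = (b"\x03\x03" + random + b"\x00" + b"\x13\x01\x00"
            + struct.pack("!H", len(exts)) + exts)
    return b"\x02" + len(body).to_bytes(3, "big") + body
```

A PSK-only result is worth flagging when reviewing captures, because that mode has no (EC)DHE contribution and so does not provide forward secrecy.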

Some of the advantages of TLS 1.3 are the simplified handshake for secure connections and fast resumption of sessions with servers, which decreases setup latency and the number of failed connections. It does not support outdated/insecure encryption algorithms.

All US government servers should support TLS 1.3 by 1 January 2024.

Comparison of TLS 1.2 and TLS 1.3

| S.No | TLS 1.2 | TLS 1.3 |
|------|---------|---------|
| 1 | Legacy algorithms are used | Only Authenticated Encryption with Associated Data (AEAD) algorithms are used |
| 2 | Not all handshake messages are encrypted | All handshake messages after the ServerHello are now encrypted |
| 3 | Superfluous messages exist | Handshake is consistent and superfluous messages are removed |
| 4 | Two round trip times for completing the handshake | One round trip time for completing the handshake |
| 5 | Higher encryption latency | Encryption latency is halved |
| 6 | Handshake time 300 ms | Handshake time 200 ms |
| 7 | No zero round trip | Has zero round trip (remembers previously visited sites so that it can send data on first message to server) |
| 8 | More load time | Less load time |
| 9 | Has obsolete and insecure features | Obsolete and insecure features are eliminated |
| 10 | Not all public-key exchange mechanisms provide forward secrecy | Static RSA and Diffie-Hellman cipher suites have been removed; all public-key based key exchange mechanisms provide forward secrecy |

 
