The protocols are designed to prevent eavesdropping, tampering, and message forgery in client/server communications over the internet. As such, the primary aim of TLS is to ensure the security of communications between client/server applications on the basis of three key properties – 1) authentication; 2) confidentiality; 3) integrity, i.e. protecting data between the two parties from being modified by attackers. It incorporates two primary protocols – a handshake protocol and a record protocol. The former is used when the communication between the two sides is first established and the rules and parameters for communication, including authentication of the parties, selection of cryptographic algorithms and shared keying material, are set. The latter uses the parameters established by the handshake protocol to protect internet traffic, which is divided into a series of records, each secured independently. Both SSL and TLS, however, have suffered from a number of protocol, implementation and configuration vulnerabilities which have caused problems such as loss of confidentiality, integrity, or cryptographic keys.
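As an added illustration (not code from the original article), the Python sketch below splits a byte stream into TLS records using the five-byte record header (content type, version, length), showing how traffic is carried as independently framed records. The function name `split_records`, the sample bytes and the length limit used (the TLS 1.2 bound for a protected record) are assumptions made for this example.

```python
import struct

# Record content types defined by the TLS specifications.
CONTENT_TYPES = {20: "change_cipher_spec", 21: "alert",
                 22: "handshake", 23: "application_data"}
# Assumed limit: largest protected record body allowed by TLS 1.2 (2^14 + 2048).
MAX_FRAGMENT = 2**14 + 2048


def split_records(stream: bytes):
    """Split a TLS byte stream into (type_name, version, fragment) tuples.

    Returns (records, leftover). leftover holds the bytes of a trailing
    record that has not fully arrived, so the caller can keep buffering.
    Raises ValueError on a header that cannot belong to a TLS record.
    """
    records, offset = [], 0
    while len(stream) - offset >= 5:
        ctype, major, minor, length = struct.unpack_from("!BBBH", stream, offset)
        if ctype not in CONTENT_TYPES:
            raise ValueError(f"unknown content type {ctype} at offset {offset}")
        if major != 3:
            raise ValueError(f"unexpected record version {major}.{minor}")
        if length > MAX_FRAGMENT:
            raise ValueError(f"record length {length} exceeds limit")
        end = offset + 5 + length
        if end > len(stream):
            break  # header is present but the body is incomplete
        records.append((CONTENT_TYPES[ctype], (major, minor),
                        stream[offset + 5:end]))
        offset = end
    return records, stream[offset:]


# Constructed sample stream; the record bodies are placeholder bytes,
# not real handshake messages or ciphertext.
SAMPLE = (
    bytes([22, 3, 1, 0, 4]) + b"\x01\x00\x00\x00"   # handshake record
    + bytes([23, 3, 3, 0, 3]) + b"\xaa\xbb\xcc"     # application_data
    + bytes([23, 3, 3, 0, 2]) + b"\xdd\xee"         # application_data
    + bytes([23, 3, 3, 0, 8]) + b"\x11\x22"         # truncated: 2 of 8 bytes
)

if __name__ == "__main__":
    recs, rest = split_records(SAMPLE)
    for name, version, body in recs:
        print(name, version, len(body))
    print("buffered:", len(rest), "bytes")
```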
The update of the TLS standard (TLS 1.3), currently being revised within the Internet Engineering Task Force (IETF), is aimed at addressing these security vulnerabilities. The standards, which are still being finalised, are edited by Eric Rescorla at Mozilla. One of the key novelties of the updated TLS 1.3 is that it reduces the number of round trips needed to complete a ‘handshake’ (from two to one), or even allows the handshake to be skipped entirely. As a result, the new standard promises a faster browsing experience. Some of the cryptographic features of TLS 1.2 are removed in TLS 1.3. This includes the deprecation of the RSA key exchange. The removal has been opposed by representatives of the financial sector arguing that the feature is needed, because ‘[u]nlike some other businesses, financial institutions also rely upon TLS traffic decryption to implement fraud monitoring and surveillance of supervised employees.’
Companies like Google and Mozilla have been eager to introduce TLS 1.3 in their browsers. Most recently, however, Google has paused deployment of TLS 1.3 after encountering proxy/firewall products that are incompatible with the new version of the standard.