Class Central is learner-supported. When you buy through links on our site, we may earn an affiliate commission.

YouTube

What's New in TLS 1.3

OWASP Foundation via YouTube

Overview

Explore the latest developments in TLS 1.3 in this 52-minute conference talk from APPSEC Cali 2018. Delve into notable attacks against previous TLS versions and their relevance to TLS 1.3, highlighting key security-related design decisions that mitigate these threats. Learn about new protocol handshakes, including 0-RTT resumption, and gain insights into potential deployment pitfalls and how to avoid them. Presented by Alex Balducci, a Principal Security Consultant at NCC Group's Cryptography Services, this talk covers topics such as ciphersuite choices, GCM mode, TLS 1.3 nonces, key exchange modes, handshake processes, resumption mechanisms, and forward secrecy. Gain valuable knowledge about the evolution of TLS and its implications for application security.

Syllabus

Intro
nccgroup
Security Properties We Want
Ciphersuite Choices
GCM Mode
TLS 1.3 Nonces
TLS 1.3 Ciphersuites
Key Exchange Modes?
TLS 1.2 DHE
TLS 1.3 Handshake
TLS 1.3 Resumption
Key Schedule: Resumption
Resumption Takeaways
Key Schedule: ORTT
Forward Secrecy
ORTT Takeaways
Summing It Up
Questions?

Taught by

OWASP Foundation

Reviews

Start your review of What's New in TLS 1.3

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Someone learning on their laptop while sitting on the floor.