posted by mrpg on Monday March 26 2018, @11:07AM
from the Certificate-verification-failed dept.

The web will soon be a little safer with the approval of this new security standard

TLS 1.3 makes a few prominent changes that should keep you safe.

  • The "handshake" between client and server has been streamlined and encryption initiated earlier to minimize the amount of data transmitted in the clear.
  • "Forward secrecy," meaning hackers can't skim decryption keys from one exchange and use it to decrypt others later.
  • "Legacy" encryption algorithms have been removed as options, as these could occasionally be forced into use and their shortcomings leveraged to break the cipher on messages.
  • A new "0-RTT," or zero round-trip time, mode in which the server and client that have established some preliminaries before can get right to sending data without introducing themselves to each other again.

The whole standard is 155 pages long, and really only other engineers will want to dig in. But it's available here if you'd like to peruse it or go into detail on one of the new features.

Also at The Register.

  • (Score: 2, Insightful) by Anonymous Coward on Monday March 26 2018, @12:20PM (#658382)

    You whine about this, but what would you propose as an alternative? We need a way to not only encrypt communications but also to give strong authentication for preventing man in the middle attacks. There's the web of trust model, but what is that but just pushing the job of the certification authorities onto the user? It would degenerate into the equivalent of those infamous UAC dialogue boxes of Windows Vista.

  • (Score: 0) by Anonymous Coward on Monday March 26 2018, @03:18PM (#658471)

    What is necessary is lies and deception built into protocols. Undecidability and steganography. Protocols that have no origin and destination address. Distributed state machine systems. Parasitism. Look at botnets, bitcoin, DHT...

    Things like encryption, imo, put a minimum currency amount on the resources you must spend to break a key, favoring big and wealthy faggots.

    Also, encryption itself introduces an attack surface that nobody is qualified enough to inspect.

    Ofc, encryption is probably necessary, but in the current state of things, encryption is worthless against the larger/competent adversaries?

    • (Score: 0) by Anonymous Coward on Monday March 26 2018, @10:39PM (#658683)

      It doesn't look like encryption is really worthless even against the larger/competent adversaries though. Why the hell do you think the NSA, which probably counts as the biggest and baddest kid on the block, is working so hard to break protocols and implementations instead (Project Bullrun), and why are the FBI and their ilk attempting to force people to use escrowed encryption? It looks more like that the mathematics of modern encryption is unassailable even by them, so they are looking for weaknesses in the protocols that use them as building blocks, and attempting to legislate their own back doors into the systems that use them.

      The "minimum currency amount" as you put it, to break even a 128-bit key by brute force is actually quite high. If you could compute at the Landauer limit, you would need at least (kT ln 2)2128, where k is Boltzmann's constant, and T is the temperature in kelvins, or about 265 terawatt-hours of energy at 293 K. To put that number into perspective, the average per-capita energy expenditure per person per year in the United States is 13,000 kWh, so 265 TWh (about a quadrillion BTUs) is something like the power consumption of 20 million Americans. That's more than the populations of New York, Los Angeles, Chicago, Houston, and Phoenix combined, and it would still take a year to break such a key. If the NSA's facility in Utah was busy breaking such a key, that much energy consumption and the power plants needed to generate it would be really noticeable, being approximately a tenth of the entire electrical generating capacity of the rest of the United States.

      When you do the same calculations for 256 bit keys, you get values in the range of 1054 joules, which is a literally cosmic-scale amount of energy, far beyond even supernovae (1044 joules), more in the range of energies associated with the supermassive black holes in the centres of quasars. It's about one-thousandth of the total visible mass-energy of the entire Milky Way (1058 joules).

      No, the only "rich and wealthy faggots" who could conceivably break a 256-bit key without exploiting some back door or other systemic weakness in the implementation would be galactic civilisations far more advanced than our own, with computers that are, as Bruce Schneier puts it: "built from something other than matter and occupy something other than space." Which is why the NSA and the FBI are instead resorting to side-channels, back doors, and other underhanded techniques to get past encryption. I wouldn't put it past them or their agents to have tainted TLS 1.3 with some subtle vulnerability.
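The Landauer-limit bound the reply above works through, carried out in code so the unit conversions can be checked. This is an added example, not part of the comment: it uses the same formula E = (kT ln 2) × 2^n, the same 293 K and 13,000 kWh per-capita figure, and a constructed 30 GW power draw as a round comparison figure. It charges one irreversible bit operation per candidate key over the full keyspace, as the comment does, so it is a hard floor rather than an estimate of any real attack.

```python
"""Landauer-limit energy floor for brute-forcing a symmetric key.

Added example (not from the original comment).  Inputs follow the comment:
293 K, 13,000 kWh per person per year; the 30 GW figure is a constructed
comparison value.
"""
import math

K_B = 1.380649e-23            # Boltzmann constant, J/K (exact SI value)
J_PER_KWH = 3.6e6
J_PER_TWH = 3.6e15
SECONDS_PER_YEAR = 365.25 * 24 * 3600


def landauer_bit_joules(temp_k: float) -> float:
    """Minimum energy to erase one bit of information at temperature temp_k."""
    return K_B * temp_k * math.log(2)


def brute_force_bound_joules(key_bits: int, temp_k: float = 293.0) -> float:
    """Energy floor to try every one of 2**key_bits keys, charging a single
    irreversible bit operation per candidate.  Real hardware spends many
    orders of magnitude more per trial, so this is a lower bound only."""
    return landauer_bit_joules(temp_k) * 2 ** key_bits


def as_twh(joules: float) -> float:
    return joules / J_PER_TWH


def people_equivalent(joules: float, kwh_per_capita_year: float = 13_000) -> float:
    """How many people's annual energy use (at the given per-capita figure) it equals."""
    return joules / (kwh_per_capita_year * J_PER_KWH)


def years_at_power(joules: float, watts: float) -> float:
    """Time needed to deliver `joules` from a source sustaining `watts`."""
    return joules / watts / SECONDS_PER_YEAR


def summary(key_bits: int) -> dict:
    """All of the comment's comparison figures for one key length."""
    e = brute_force_bound_joules(key_bits)
    return {
        "joules": e,
        "twh": as_twh(e),
        "people_years": people_equivalent(e),
        "years_at_30GW": years_at_power(e, 30e9),   # constructed comparison draw
        "log10_joules": math.log10(e),
    }


if __name__ == "__main__":
    for bits in (128, 256):
        s = summary(bits)
        print(f"{bits}-bit: {s['twh']:.3g} TWh, {s['people_years']:.3g} person-years, "
              f"{s['years_at_30GW']:.3g} years at 30 GW, 10^{s['log10_joules']:.1f} J")
```

The 128-bit line reproduces the comment's 265 TWh and roughly 20 million person-years; at a sustained 30 GW that is about a year of output. Doubling the key length to 256 bits multiplies the floor by 2^128, not by two, which is why the second line lands in the 10^56 J range rather than anywhere a power plant can reach.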

  • (Score: 0) by Anonymous Coward on Monday March 26 2018, @08:25PM (#658634)

    Perspectives had an alternative (which ran alongside the CA system). It goes like this:

    * You visit site, they give you a certificate (potentially self-signed).
    * You ask the notaries (similar to CAs, but you get to choose who you trust rather than the site getting to choose).
    * The notaries send you what they have for the cert of that site (either cached or they can fetch it when asked).
    * Once enough notaries have reported back, you check that enough of them (you set threshold) agree with the cert you have gotten.
    * If so, you trust the cert (self signed or not) because either it is valid, or the entire trust network is compromised.

    The reason this system works is that to compromise a site, you must issue your compromised cert to the entire internet (not just your target); this means that the original site owner can notice.

    The reason it doesn't work is that the notaries have no way to get paid for their services.
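The notary procedure in the comment above, modelled end to end so the threshold logic and its limits can be exercised. This is an added example and not code from the Perspectives project: the site name, certificate bytes, notary names and the `serve` functions that stand in for the network are all constructed. Each `serve(site, requester)` returns the certificate a given party receives from the site (or None if it cannot reach it), which is enough to play out the honest case, a MITM on the victim's path only, a MITM that fools the notaries too, and a notary outage.

```python
"""Toy model of a Perspectives-style notary check.

Added example, not the Perspectives project's code.  SITE, the certificate
bytes, the notary names and every `serve` network model are constructed.
"""
import hashlib
from typing import Callable, Optional

SITE = "example.test"
REAL_CERT = b"constructed self-signed certificate for example.test"
FAKE_CERT = b"constructed certificate presented by an attacker"
NOTARIES = ("notary-a", "notary-b", "notary-c", "notary-d", "notary-e")
THRESHOLD = 3   # set by the client, not by the site

Serve = Callable[[str, str], Optional[bytes]]


def fingerprint(cert: bytes) -> str:
    """Notaries keep a digest of the leaf certificate, not the certificate."""
    return hashlib.sha256(cert).hexdigest()[:16]


def query_notaries(site: str, notaries, serve: Serve) -> dict:
    """Ask each notary what it sees for `site`; None means no answer."""
    reports = {}
    for name in notaries:
        cert = serve(site, name)
        reports[name] = fingerprint(cert) if cert is not None else None
    return reports


def decide(observed: bytes, reports: dict, threshold: int) -> str:
    """'trust', 'reject' or 'undecided' against the client's own threshold."""
    answered = {n: fp for n, fp in reports.items() if fp is not None}
    if len(answered) < threshold:
        return "undecided"      # too few notaries reachable to clear the bar
    agree = sum(1 for fp in answered.values() if fp == fingerprint(observed))
    return "trust" if agree >= threshold else "reject"


def check(serve: Serve, threshold: int = THRESHOLD) -> str:
    """Full client-side flow: fetch the cert, poll notaries, apply threshold."""
    observed = serve(SITE, "victim")
    return decide(observed, query_notaries(SITE, NOTARIES, serve), threshold)


# Constructed network models: what `requester` receives from SITE.
def honest(site, requester):
    return REAL_CERT

def targeted_mitm(site, requester):
    # Attacker sits only on the victim's path; notaries still reach the real site.
    return FAKE_CERT if requester == "victim" else REAL_CERT

def global_mitm(site, requester):
    # Attacker serves the fake cert to everyone, notaries included.  The check
    # passes; only the site owner, seeing the wrong cert reported, can notice.
    return FAKE_CERT

def partial_outage(site, requester):
    return REAL_CERT if requester in ("victim", "notary-a", "notary-b") else None


def run_scenarios() -> dict:
    return {
        "honest": check(honest),                   # trust (self-signed is fine)
        "targeted_mitm": check(targeted_mitm),     # reject
        "global_mitm": check(global_mitm),         # trust: the scheme's blind spot
        "partial_outage": check(partial_outage),   # undecided: 2 answers < threshold 3
    }


if __name__ == "__main__":
    for name, verdict in run_scenarios().items():
        print(f"{name:15s} -> {verdict}")
```

The `global_mitm` case is the limit the comment names: when every notary is fed the same forged certificate the client cannot distinguish it from a legitimate one, and detection falls to the site owner querying the notaries about their own domain. The `partial_outage` case shows why the threshold has to be chosen against the number of notaries actually reachable; with a threshold of 2 the same scenario returns "trust".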