The implications of TLS 1.3 on security monitoring
Originally published by Lora O'Haver
After 10 years of consideration and 28 drafts, the Internet Engineering Task Force (IETF) recently approved a new set of protocols for secure network communications, known as Transport Layer Security (TLS) 1.3. Like previous Secure Socket Layer (SSL) standards, the new release specifies the rules for encryption of secure communications between clients and servers. I recently sat down with Ixia’s VP of Product Management, Scott Register, to learn more about how network and security management will be impacted by TLS 1.3. Following are excerpts of our discussion, which you can listen to in full here.
Lora: What are the benefits of adopting TLS 1.3?
Scott: For an enterprise adopting TLS 1.3 on their servers, there are two big benefits: security and performance. From a security perspective, TLS 1.3 will make harder to eavesdrop or snoop on communications because encryption keys will be negotiated for every client-server pair in a secure session. It will be much more difficult for a hacker to decrypt secure communications between other entities for themselves.
The second big benefit is performance. This is because the initial secure connection setup between a browser and a server will require fewer packets to get started. So, when you go to your online banking web site or any other encrypted service, that page will open faster for you. So those are the two big benefits.
On the client side, you don’t have to do much at all. Browsers are updated by providers all the time and all users have to do is download the new versions. Some of the major browser providers have already begun incorporating TLS 1.3 into their most recent releases.
Lora: What do enterprises need to do to adopt TLS 1.3 for their secure communications? Is there a significant expense associated with it?
Scott: Web server platforms, such as Apache or Microsoft, have encryption standards built right in. Sometime later this year, organizations using those platforms will be able to upgrade to new versions that support TLS 1.3 encryption. During the upgrade process, they will be asked if they want to use TLS 1.3 encryption and disable older SSL versions. So, adopting TLS 1.3 on web servers is pretty straight-forward and, depending on the support contract in place, could even be free.
On the other hand, the changes required to an organization’s security infrastructure could be fairly expensive because they will need to deploy new decryption and security solutions capable of monitoring TLS 1.3 traffic. They might also have to make changes to their overall security architecture. It will certainly require some planning to ensure they are able to efficiently access, decrypt, and monitor key connections.
Lora: Could you explain more about the process of monitoring encrypted security and how that will change?
Scott: Sure. Under TLS 1.2, companies who wanted to decrypt secure communications to examine the contents did so by using a copy of the server-side encryption key. They didn’t actively participate in the encryption process by negotiating their own key, instead they were merely observing the communications by applying the key. Under TLS 1.3, keys cannot be reused, so companies will need to be active participants in the encryption process in order to view and monitor secure communications. You’ll sometimes see decryption in this situation referred to as an SSL proxy or a man-in-the-middle approach. Companies will need solutions that offer active decryption and encryption once they begin adopting TLS 1.3 on their servers.
Lora: How fast do you think organizations will move to TLS 1.3? Are there industries or sectors that more likely to move fast or more likely to delay?
Scott: Adoption is required on both the client and the server of course, and a lot of the large internet players, like Microsoft, Apple and Google, conveniently control both ends. For example, a Google search can connect someone to a YouTube video, or customers use browsers to access services like Office 365 or Google Docs, or an iPhone user accesses Apple or iOS-based services. For these companies, I expect adoption will happen fairly quickly because generally they’d like to see security advance.
It’s a different question for companies who host their own web servers, especially if it means they have to rearchitect their entire security deployment to put active SSL inspection devices between end-users and their web farms. They may very well delay adoption for a year or more because they’ll have to budget for the technology upgrade, then test and decide which gear they want to use and which vendor, and also decide on their new approach to security. So, I can see a lot of shops delaying migration for more than a year.
In fact, one of the reasons the approval for TLS 1.3 took so long was because there was opposition from the finance industry. Not because they want to weaken security—that’s certainly the last thing they want—but because all of their traffic is encrypted and they will need to have proven, active decryption solutions in place, so they can protect themselves and their customers from malicious attacks. They’re very concerned with being able to monitor encrypted sessions without negatively impacting their customer experience.
In terms of other industries, I’m not sure if the European Union’s General Data Protection Regulation (GDPR) will necessarily speed up adoption of TLS 1.3. It might, but it’s not an explicit requirement. The FedRAMP standards here in the U.S. are still several revisions behind. They are requiring businesses who work with the federal government to adhere to TLS 1.1 standards by July 1stof this year. So, I don’t expect a federal mandate in the immediate future for TLS 1.3.
Lora: How can Ixia solutions help customers monitor TLS 1.3 encrypted traffic?
Scott: Well, our Vision ONE network packet brokers do both passive and active decryption. To be clear, the man-in-the-middle approach is not new and has been used for a while in cases where companies want to protect themselves against data leakage or from people downloading encrypted malware. What’s really changed with this new spec is that if you’re operating your own web servers, you have no control over how clients want to communicate and will eventually have to adapt. At that point you will no longer be able to use passive SSL inspection, but will need to deploy an active solution, like the SecureStack capabilities of Ixia's Vision ONE.
For more, listen to the full discussion at: “What’s Ahead for Security with TLS 1.3” with Scott Register, VP Product Management, Ixia