Loading…
SecAppDev 2019 has ended
View analytic
Friday, February 22 • 14:00 - 15:30
Security features of TLS 1.3

Sign up or log in to save this to your schedule and see who's attending!

TLS is one of the most widespread secure communication protocol on the Internet. We present the formal guarantees that its latest iteration provides for its users.


Abstract
The history of SSL/TLS goes all the way back to SSL 2.0. Since the original protocol, the standard for secure communication on the internet has seen many iterations. Currently, many systems run on TLS 1.2. Unfortunately, this evolution has been principally driven by a break-and-fix cycle. Often, the users of these protocols suffer the damaging consequences. In August 2018, the latest iteration, TLS 1.3 was released. This was the result of a long process which grouped the expertise of both engineering and security researchers.

In this session, we will look at the different formal guarantees that this new iteration provides. Concretely, we look at mutual authentication, forward secrecy or secure channels. We will make use of the building blocks of cryptography (public-key encryption, DH key exchange, AEAD, etc.) to explain which elements of the protocol help in providing the different guarantees. We show how TLS 1.3 brings significant improvements over older versions. In the end, you will be able to select the most appropriate security for your applications.


This session is intended for anyone wishing to approach TLS for research or deployment.

Speakers
CD

Cyprien Delpech de Saint Guilhem

Research associate, KU Leuven


Friday February 22, 2019 14:00 - 15:30
Main building (room Lemaire)