Author Topic: TLS 1.3 vs TLS 1.2  (Read 1523 times)


TLS 1.3 vs TLS 1.2
« on: August 01, 2017, 10:30:04 PM »

Speed Benefits of TLS 1.3

TLS and encrypted connections have always added a slight overhead when it comes to web performance. HTTP/2 definitely helped with this problem, but TLS 1.3 helps speed up encrypted connections even more. To put it simply, with TLS 1.2, two round-trips have been needed to complete the TLS handshake. With 1.3, it requires only one round-trip, which in turn cuts the encryption latency in half. This helps those encrypted connections feel just a little bit snappier than before.


Most importantly, establishing a TLS 1.3 connection takes one fewer round-trip.

In TLS 1.3 a client starts by sending not only the ClientHello and the list of supported ciphers, but it also makes a guess as to which key agreement algorithm the server will choose, and sends a key share for that.

And that saves us a round trip, because as soon as the server selects the cipher suite and key agreement algorithm, it's ready to generate the key, as it already has the client key share. So it can switch to encrypted packets one whole round-trip in advance.



The first good news about handshakes in TLS v1.3 is that static RSA key exchanges are no longer supported. Great! That means we can start with full handshakes using forward-secure Diffie-Hellman.
« Last Edit: August 01, 2017, 10:37:57 PM by adroth »
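
The key share sent in the first flight, described in the post above, can be checked on your own client. This is an added example, not part of the original post: it uses Python's standard `ssl` module with in-memory BIOs to capture the ClientHello a local client would send (no network traffic), then parses out the `supported_versions` and `key_share` extensions. The function names and the hostname `example.test` are placeholders chosen for this example.

```python
import ssl
import struct

# Named groups a client commonly guesses in key_share (IANA values)
GROUPS = {0x0017: "secp256r1", 0x0018: "secp384r1", 0x001D: "x25519", 0x001E: "x448"}

def capture_client_hello(hostname="example.test"):
    """Return the first TLS record a local client emits, without touching the network."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    incoming, outgoing = ssl.MemoryBIO(), ssl.MemoryBIO()
    conn = ctx.wrap_bio(incoming, outgoing, server_hostname=hostname)
    try:
        conn.do_handshake()
    except ssl.SSLWantReadError:
        pass  # expected: the client has sent its ClientHello and waits for the server
    return outgoing.read()

def parse_client_hello(record):
    """Return (offered_versions, [(group_id, key_length), ...]) from a ClientHello record."""
    if record[0] != 22 or record[5] != 1:
        raise ValueError("not a handshake record carrying a ClientHello")
    pos = 5 + 4 + 2 + 32              # record hdr, handshake hdr, legacy_version, random
    pos += 1 + record[pos]            # legacy_session_id
    (n,) = struct.unpack_from("!H", record, pos)
    pos += 2 + n                      # cipher_suites
    pos += 1 + record[pos]            # legacy_compression_methods
    (ext_total,) = struct.unpack_from("!H", record, pos)
    pos += 2
    end = pos + ext_total
    versions, shares = [], []
    while pos + 4 <= end:
        etype, elen = struct.unpack_from("!HH", record, pos)
        body = record[pos + 4:pos + 4 + elen]
        pos += 4 + elen
        if etype == 43:               # supported_versions: 1-byte length, 2-byte entries
            versions = [struct.unpack_from("!H", body, i)[0] for i in range(1, 1 + body[0], 2)]
        elif etype == 51:             # key_share: 2-byte list length, then share entries
            i = 2
            while i + 4 <= len(body):
                group, klen = struct.unpack_from("!HH", body, i)
                shares.append((group, klen))
                i += 4 + klen
    return versions, shares

if __name__ == "__main__":
    versions, shares = parse_client_hello(capture_client_hello())
    print("TLS 1.3 offered:", 0x0304 in versions)
    for group, klen in shares:
        print(f"key share: {GROUPS.get(group, hex(group))} ({klen} bytes)")
```

A client whose ClientHello lacks `0x0304` or a `key_share` entry cannot complete the one-round-trip handshake and will negotiate TLS 1.2 or earlier.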