What is TLS?
Transport Layer Security (TLS) is a cryptographic protocol designed to provide secure communication between web browsers and servers. Many IP-based protocols such as HTTPS, SMTP, POP3, and FTP support TLS. Secure Sockets Layer (SSL), on the other hand, is a protocol used to establish an encrypted link between web browsers and servers. It uses symmetric cryptography to encrypt the data transmitted. Encryption keys are based on shared secret negotiation at the beginning of any communication session. This secret negotiation is referred to as the TLS handshake.
Is TLS 1.2 considered outdated?
TLS version 1.2 was released in 2008. It is the most widely implemented version of TLS. TLS 1.2 offered major improvements over the older version, TLS 1.1. The most essential improvement, however, is in the encryption protocol. TLS 1.2 allows the use of more secure hash algorithms such as SHA-256. In addition, it allows the use of advanced cipher suites that support elliptic curve cryptography. TLS 1.2 was considered fairly secure, but the discovery of new vulnerabilities, similar to the old TLS protocols' vulnerabilities, put TLS 1.2's reliability in question.
Zombie POODLE vulnerability in TLS 1.2:
The Zombie POODLE attacks (CVE 2019-6593) leveraged SSL 3.0 vulnerabilities. A virtual server configured with a Client SSL profile could be susceptible to a chosen ciphertext attack targeting CBC ciphers. Exploitation of this vulnerability may allow plaintext recovery of encrypted messages via a man-in-the-middle (MITM) attack, even without the attacker obtaining the server’s private key.
Researchers have revealed two new vulnerabilities in the TLS 1.2 protocol which allows attacks similar to POODLE to breach it. The source of one vulnerability is in TLS 1.2's support for the outdated cryptographic method, cipher block chaining (CBC). Using the CBC method allows man-in-the-middle attacks (MITM) on users' encrypted web and VPN sessions. With some minor tweaking of the familiar POODLE attack, it is possible to hack systems that still make use of outdated crypto methods.
Another vulnerability was also found in TLS 1.2 which allows the GOLDENDOODLE attack to breach outdated crypto methods. GOLDENDOODLE is similar to, yet more powerful than the POODLE attack. It has more powerful and rapid hacking abilities, and even if a system has fully eradicated the POODLE flaw, it could still be vulnerable to GOLDENDOODLE attacks.
While this issue should have been resolved, the support for older protocols – which was included mainly to ensure that older legacy browsers and client machines won't be locked out of websites – means that the issue still remains. Meanwhile, the websites, operated mainly by government agencies and financial institutions, remain vulnerable.
TLS 1.2 possible attack vector
The TLS 1.2 vulnerability, like the old POODLE, allows the attacker to gain access to encrypted blocks of data - and then gain exposure to plain text information - using side channels. The procedure is this: if the victim visits, for example, a non-encrypted website, malicious JavaScript is injected into the victim's browser. Once the browser is infected, a MITM attack is executed and the attacker can grab the victim's cookies and credentials from a secure web session.
TLS 1.3 handshake
In addition to TLS 1.2's security issues, problems in performance and privacy were also noted in TLS 1.2. Therefore, a new version of TLS was launched in 2018 - the TLS 1.3 protocol. TLS 1.3 aimed to address all of the problems facing TLS 1.2. Security-wise, TLS 1.3 completely abandons backward compatibility and has a completely new functional security design. TLS 1.3's security was designed from scratch, which allows it to perform the same functions as TLS 1.2, but with significantly improved resilience to attacks.
TLS 1.3 vs. TLS 1.2
With TLS 1.3, encrypted connections are much faster and more secure than before. While high profile vulnerabilities were discovered in TLS 1.2, TLS 1.3 solves those issues and supports only state-of-the-art algorithms with no known vulnerabilities.
TLS 1.3 also provides additional privacy by encrypting more of the handshake to protect it from eavesdroppers.
Features removed from TLS 1.3
- Static RSA handshake
- CBC MtE modes
- RC4
- SHA1, MD5
- Compression
- Regeneration
Bottom line: TLS 1.3 takes a significant step forward in enhancing security. It removes all primitive features that lead to weak configurations. TLS 1.3 prevents common SSL/TLS vulnerabilities such as DROWN, POODLE, SLOTH, CRIME, and more. We recommend to use assistive tools such as PowerShell, or other hardening automation platforms to help you increase security.
