TLS 1.3 offers attractive speed and security improvement benefits that are hard to ignore. The handshake phase was sped up by removing one or more roundtrips (back and forth messaging between client and server) in TLS 1.3 – with “or more” meaning that for certain cases, roundtrips can be entirely eliminated (0-RTT). During the round phase, TLS 1.3 has added support for the generally faster Digital Signature Algorithm (DSA) over Edwards curves (EdDSA), as compared to DSA over elliptic curves (ECDSA).
TLS Background and Latest Developments
Transport Layer Security (TLS) is the protocol that underpins secure client/server communications over the Internet. TLS guarantees this by providing the cryptographic functions of authentication, confidentiality, and integrity checking. First, the identities of both the client and server are authenticated, to prevent impersonation by either party. For example, a bank’s customer wants to be certain that they are sending their private information to their bank’s authenticated server. Second, the messages sent between the endpoints need to remain confidential and unreadable, except for the client/server. Finally, the integrity of exchanged messages must stay intact; that is, it should be impossible to modify messages without being detected. Together, the two phases of TLS perform these duties, with the “handshake” phase authenticating the client/server and the “record” phase preserving message confidentiality and integrity. TLS enhances security across various areas, including cloud services, data centers, network connections, and the expanding world of IoT.
First developed in 1994 by Netscape, the Secure Socket Layer (SSL) was the predecessor of TLS. However, the initial version (v1.0) of SSL was never published because of too many security flaws. Thus, the official history of TLS begins with SSL v2.0, as seen in the timeline below:
The final version of SSL published by Netscape was v3.0, after which subsequent protocols have been renamed to TLS, along with a change of ownership to the Internet Engineering Task Force (IETF). As Microsoft plans to disable TLS 1.0 and 1.1 soon, users are getting ready to move to TLS 1.2 and 1.3.
TLS 1.3 offers attractive speed and security improvement benefits that are hard to ignore. The handshake phase was sped up by removing one or more roundtrips (back and forth messaging between client and server) in TLS 1.3 – with “or more” meaning that for certain cases, roundtrips can be entirely eliminated (0-RTT). During the round phase, TLS 1.3 has added support for the generally faster Digital Signature Algorithm (DSA) over Edwards curves (EdDSA), as compared to DSA over elliptic curves (ECDSA). Security was improved by removing weaker elements while also mandating the use of stronger ones. This included removing obsolete ciphers (such as AES-CBC, RC4, Triple-DES) and less secure elliptic curves. In their place, only cipher suites using authenticated encryption with associated data (AEAD) are supported. Finally, all key agreements in TLS 1.3 are required to use ephemeral keys, granting perfect forward secrecy (PFS). So even if a previously used session key is discovered by hackers, future (forward) sessions will still be protected.
PUFsecurity Unveils Next-Generation Crypto Coprocessor – PUFcc7 to Support TLS 1.3
PUFsecurity has recently introduced the latest member of its Crypto Coprocessor family, PUFcc7. The new Crypto Coprocessor fully supports all the cryptographic primitive requirements of TLS 1.3 mentioned above.
The AEAD cipher suite is handled by PUFcc7’s AES cipher and secure hash engines, using keys from the built-in hash-based key derivation function (HKDF) module. Digital signatures and key agreements are implemented with PUFcc7’s public key cryptography (PKC) engine. Finally, PUFcc7 also includes a NIST SP800-90A compliant deterministic random bit generator (DRBG), which is the same as the CSPRNG described in the TLS 1.3 documentation.
A detailed mapping between these TLS 1.3 primitives and the standard crypto engine configuration of PUFcc7 is shown in Table 1:
PUFcc7 includes additional PKC, SHA, and MAC algorithms to increase security strength and time performance to meet TLS1.3 requirements.
In the PKC part, PUFcc7 added EdDSA, X25519, and X448. The time performance of the overall Public Key Algorithm has been enhanced, and the three levels of performance settings make it more flexible to use in various applications. Regarding security strength, it also provides four selectable PKC configurations supporting 256, 384, 521, and RSA. PUFcc7 also adds SHA3 and KMAC to fully meet TLS1.3’s requirements. In addition, the Key Wrapping method also provides further encryption processing options on top of the original PUF scramble. PUFcc7 also provides the flexibility to function as a TLS hardware accelerator, thereby offloading TLS functions from the main CPU and freeing up valuable cycles for other system processing tasks.
Practically all secure communications over the Internet depend on the TLS protocol, with the latest version 1.3 offering a faster and more secure experience over version 1.2. Given the number of connected devices today, repeatedly executing the cryptographic primitives of TLS is a common occurrence for most modern systems. For system architects looking to add security as well as speed up the routine tasks of TLS, PUFsecurity’s latest PUFcc7 Crypto Coprocessor makes this easy, with built-in hardware root of trust (HRoT) and hardware-accelerated crypto engines for implementing TLS 1.3, all wrapped with a plug-and-play AMBA interface for drop-in integration.
In modern IoT ecosystems, smart devices integrated with PUFcc7 and TLS1.3 support ensure secure data exchange with the cloud. These smart devices leverage PUF for generating unique cryptographic keys, avoiding potential attacks on key storage and transmission. With the latest TLS protocols in place, data communication between smart devices and the cloud occurs over encrypted channels, ensuring confidentiality and integrity during transmission. The TLS handshake process authenticates both ends of the communication, verifying the identity of the devices and establishing a secure connection. This robust combination of PUF and TLS enables seamless and secure data exchange between smart devices and the cloud, empowering a more secure IoT world.