TLS stands for “Transport Layer Security”, which is an evolution of Secure Sockets Layer (SSL) which allows devices on the internet to communicate safely. The latest version of the TLS protocol provides unparalleled privacy and performance compared to older versions. The new version of the handshake in TLS 1.3 also brings performance improvements by reducing latency.
TLS 1.3 handshake
The new handshake method includes only one round trip, instead of two round trips required in the older versions. In TLS 1.3, the client not only sends the ClientHello message but also sends a key share to the server. Then the server selects the cipher suite and key agreement algorithm and switches to encrypted packets. Then the server sends the ServerHello, its key share, the encrypted certificate, and the Finished message. After the client verifies the certificate, it is ready to send the encrypted HTTP request and the Finished message and the server replies it with an HTTP response only.
TLS 1.3 allows us to do a 0-RTT connection which means one less round trip and ending up with no round trip at all. In TLS 1.2 Session Resumption via Session Tickets and Session Identifiers is now replaced with a Pre-Shared Key (PSK) mode.
In TLS 1.3, when a client connects to a server, they both agree on a resumption key and the server gives the client a Session Ticket, which can be an encrypted copy of the PSK or a reference number. When the client connects next time, it sends the Session Ticket in the ClientHello message and immediately sends the HTTP request encrypted with the PSK. The server figures out the PSK from the received Session Ticket and uses it to decrypt the 0-RTT data.
Java 11 must be used to make use of TLS 1.3. JSSE supports, protocol version negotiation, full handshake for client and server sides, session resumption, Key and initialization vector update, updated OCS stapling, backward compatibility mode, required extensions and algorithms, two new cipher suites, RSASSA-PSS signature algorithms, and SSLSocket and SSLEngine. It doesn’t support 0-RTT, post-handshake authentication, signed certificate timestamps, ChaCha20/Poly1305 cipher suites, x25519/x448 elliptic curve algorithms, and edDSA signature algorithms.
Other ciphers and algorithms discontinued in TLS 1.3 are RC4 stream cipher, RSA key transport, SHA-1 hash function, CBC hash function, CBC mode ciphers, MD5 algorithm, various Diffie-Hellman groups, EXPORT-strength ciphers, DES, and 3DES.