The Internet is the place which makes the world small and puts it on your small device screen. But this can be the easiest way for any hacker/attacker to snoop your data from your personal device and you cannot even imagine how risky it can be. But, in short time, the hackers will probably cry out because of the new security framework.
According to the mentioned in the TechCrunch, the Internet Engineers Task Force has found out the solution to make the internet world more secure. Engineers have discovered the new security framework that will make the connections between users and server encrypted that will deliver the more security against the snooping.
It is named as a Transport Layer Security Version 1.3. This new security framework is developed by the collaboration of the engineers from all over the world and they say themselves as an Internet Engineer Task Force. According to them, this is not any kind of big development. It is just a small update. So, for better understanding, you can take an example of security patch updates which are provided in the Android OS by Google. It helps to make your device more resistant to malware attack.
According to the IETF, the connections between the users and server should be the very much secured. The technical terms are damn too hard to understand. But, yes, I think you can better understand with this example. You may have seen some websites with the SSL certified say HTTPS websites and some website without SSL certified say HTTP websites. Well, your browser will not take you to the HTTP website. It will show one type warning says, “The server is not secured.” That means anyone can attack and get unauthorized access to your data stored on that website.
Without going into those confusing technical words, let’s take a look at what changes TLS 1.3 will make in the security framework.
- The “handshake” between client and server has been streamlined and encryption initiated earlier to minimize the amount of data transmitted in the clear.
- “Forward secrecy,” meaning hackers can’t skim decryption keys from one exchange and use it to decrypt others later.
- “Legacy” encryption algorithms have been removed as options, as these could occasionally be forced into use and their shortcomings leveraged to break the cipher on messages.
- A new “0-RTT,” or zero round-trip time, a mode in which the server and client that have established some preliminaries before can get right to send data without introducing themselves to each other again.
Well, if you would like to obtain even more in-depth details you should definitely take a look at this PDF.
As I said earlier it is not going to make the noticeable effect but definitely, this is the big step taken by the IETF to provide the more secure connection between the user and server. According to the TechCrunch it is adopted by the big companies, some big web servers, etc. and they have already made it live. But, yes, it is definitely hard to notice the change in the server’s secure connection. You will not be able to notice it.