TLS 1.3 Support Coming to iOS 12.2, Enabled System-Wide in Beta Releases

CyberTech

Level 44
Thread author
Verified
Top Poster
Well-known
Nov 10, 2017
3,247
TLS 1.3, the next major version of the Transport Layer Security (TLS) protocol, will be available in iOS 12.2 and it can already be tested by iOS users willing to install the iOS 12.2 Beta 3 release.

The TLS 1.3 protocol was officially approved by the Internet Engineering Task Force (IETF) on March 21, 2018, after 28 protocol drafts and four years of discussions.

As described in IETF's TLS 1.3 Internet Draft, "TLS allows client/server applications to communicate over the Internet in a way that is designed to prevent eavesdropping, tampering, and message forgery."

According to Apple Software Engineer Tommy Pauly, the TLS 1.3 support was added right after Apple shipped the first iOS 12.2 developer seed back in January:

Last week, we shipped the first developer seed of iOS 12.2. Among other features, TLS 1.3 is now enabled by default for the entire system. All users of Network.framework and NSURLSession APIs will now negotiate TLS 1.3. The number of TLS 1.3 capable clients on the Internet should take quite a leap forward, and we are pleased to help move the needle towards faster and more secure network connections.


When compared to the TLS 1.2 protocol which it deprecates, TLS 1.3 comes with these differences:
  • Removes older encryption and hashing algorithms (such as MD5 and SHA-224) and adds harder to crack alternatives (such as ChaCha20, Poly1305, Ed25519, x25519, and x448).
  • Is a lot faster at negotiating the initial handshake between the client and the server, reducing the connection latency and removing the excuse of not supporting HTTPS because of lower browsing speeds.
  • Supports features like Zero Round Trip Time (0-RTT) and TLS False Start designed to also cut down the time needed to establish encryption handshakes with hosts to which the client has talked before.
  • Comes with downgrade attack protection that prevents an attacker from tricking a server into using older versions of the protocol, susceptible to known vulnerabilities.

For more information: TLS 1.3 Support Coming to iOS 12.2, Enabled System-Wide in Beta Releases
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top