TLS 1.3 Handshake - many CHANGES from prior versions!

The TLS 1.3 Handshake changes significantly from the TLS 1.2 (and prior) handshake. In this video we discuss 4 major changes to the TLS handshake with the latest version:

- TLS 1.3 Handshake is shorter, only one round trip (1RTT)
- TLS 1.3 Handshake is mostly encrypted (everything except the Client Hello and the Server Hello)
- TLS 1.3 Handshake encrypts the Client Certificate (as well as the Server Certificate)
- TLS 1.3 Handshake generates many more session keys

👉 This is a sample lesson from my SSL & TLS deep dive course: Practical TLS.

🏢 Do you configure or troubleshoot TLS/SSL for work? If so, I'm willing to bet your employer would happily pay for this SSL training. Reach out if you'd like to coordinate an introduction for a bulk license purchase with your company. If your referral leads to a live training engagement, I'll buy you an iPad (or tablet of similar value of your choice).

💬 Join Practical Networking Discord

00:00 - Review of TLS 1.2 (and prior) TLS Handshake
01:15 - Comparing TLS 1.3 Handshake and TLS 1.2 Handshake
02:46 - TLS 1.3 One Round Trip Handshake (1RTT) simply explained
05:48 - TLS 1.3 0RTT - Zero Round Trip Handshake
06:58 - TLS 1.3 encrypts most of the TLS Handshake
07:37 - ESNI, Encrypted SNI, Encrypted Server Name Indication
08:53 - ECH, Encrypted Client Hello
10:30 - TLS 1.3 encrypts the Client Certificate in Mutual TLS (MTLS)
12:42 - TLS 1.3 generates many more session keys
16:12 - Key Points - TLS 1.3 Changes to the TLS Handshake
16:45 - Want more? Check out Practical TLS - the *BEST* TLS training course ever created
#ssl #tls #cybersecurity
Comments

📢 *Holiday & New Year Promotion*
👉 Practical TLS for only $55 _(originally $297)_
💻 Use code *FROM2024TO2025* --> pracnet.net/tls
📅 Offer expires Jan 4

PracticalNetworking

You never disappoint. I'm rarely as excited for watching a technical video as when I watch yours. Thank you!

dragonbg

Perfect way to end off this mini series! Very well explained easily digestible information that informs the viewer exactly what did change in TLS 1.3 and why it's important to learn it.

NitroBlaziken

9:42 is really interesting, does anyone know where I can find any active discussions about this idea and how it COULD be implemented?

zacharykosove

Awesome video. Excited for the give away. Love your courses

sreekumarj

Nice explanation, can we expect anything on IPSec?

muralikrishna-froh

Thank you Ed, exciting to see how long TLS 1.3 will evolve.
Are you also going to release the TLS 1.3 session renegotiation part? :)

vFoxArts

Great video, doesn't the QUIC protocol also reduce the round trip?

TGUK

Any update on TLS 1.3 Key schedule course?

safwanumer

I was not aware of these differences, very instructive!

greob

Hey Eddie, awesome video. Can you make one where you explain DTLS and its difference to TLS please?

alexanderjansen

TLS 1.3 client hello is with many other information like all guessed cipher suites key shares. Are you going to cover that in a new video?

talesara

Thanks for the video. As usual great and understandable explanation of the topics!

vlgermanov

I guess we can encrypt the hello message with the server public key stored in certificate but we should be able to fetch it prior somehow

AlexeyTsapaev

Hi, thanks for your sharing. In TLS 1.2 handshake, the "gray glomy text" "Finished" is encrypted or decrypted? For advice. Thanks.

HoeSanBay

Hi, in TLS 1.3 handshake, the "gray glomy text" "Finished" below the purple line is encrypted or decrypted? Thanks.

HoeSanBay

Sir can you please make full video series of how to tell ma’am NOT to redeem?

chittlingwhittles

question: actually what port the TLS is using, i am kinda hv chicken and egg problem with HTTP/HTTPS and the TLS that encrypts the HTTP itself.. but u mentioned that not only HTTP is protected by TLS.. how about something like RADIUS when we are doing EAP-TLS or even the EAP-PEAP.. they still need to establish the TLS tunnel, but as per my understanding it is between client and the server, it does not protect the RADIUS protocol..

BernhardHustomo

Sir, make videos on data flow via cache, RAM, ROM and secondary memory. And also via registers.

padderhilal