20.02.2020

Colloquium: Prof. Ralph Holz, topic: The Era of TLS 1.3: Characterising Deployment and Use

20 Feb 2020 14:00, FMI 03.07.023 (MI-Building, Campus Garching)

Abstract

The design and development of TLS 1.3 was different from previous versions of the Transport Layer Security protocol (TLS). Community consensus led to it enforcing the latest generation of cryptography and making fundamental changes to the protocol flow. Prominent industry engaged at an unprecedented level, making TLS 1.3 the best-tested version ever to be deployed. TLS 1.3 is also the first TLS version to be developed in the age of pervasive mobile devices.

We track the rollout of TLS 1.3 since nearly its conception. We use longitudinal, active scans to measure the increasing deployment over more than 275m domains (including more than fifty ccTLDs), paying special attention to the role that big hosting and frontend providers play. We characterize the evolution of both deployment and use for both draft versions and the final RFC version, including an analysis of connection errors. We show which industries lead in the deployment of TLS 1.3, and we characterize the very different deployment in a variety of countries. We use passive monitoring at two positions on the globe to understand the initial testing phase and the degree to which users profit from the new protocol and its new features. Finally, we exploit data from a widely deployed measurement app in the Android ecosystem to analyze the use of TLS 1.3 in mobile applications.

Bio

Ralph Holz is an Associate Professor at University of Twente in the Netherlands. His research interests revolve around empirical studies of Internet infrastructure, in particular with respect to security and the social impact and drivers of a new technology. Before joining University of Twente, Ralph was a Lecturer (Asst. Prof.) at the University of Sydney, Australia and affiliated with Australia’s prime ICT research centre, NICTA. Ralph holds a PhD from TU Munich.

Contact

Prof. Dr.-Ing. Georg Carle
phone: +49 89 289 18030
email: carlenet.in.tum.de