TLS 1.3 is the latest version of the TLS protocol that secures HTTPS. It was adopted by the IETF in 2018 and has been changing Internet security and speed ever since. This new version removes old and dangerous cryptographic algorithms, makes the handshake twice as fast and adds a revolutionary technology called 0-RTT. In this article we examine the main features of TLS 1.3, how it differs from TLS 1.2, and what benefits it gives a site owner.
Main differences of TLS 1.3
The biggest change is the complete removal of old and dangerous algorithms. RC4, 3DES, MD5, SHA-1, RSA key exchange — all these old algorithms are absent in TLS 1.3. Only modern and secure algorithms remain: AES-GCM, ChaCha20-Poly1305, ECDHE, EdDSA. This greatly reduced the cipher suite list — TLS 1.2 had hundreds of combinations, TLS 1.3 has only 5. This simplified setup and reduced the likelihood of errors.
Handshake speed — 1-RTT
In TLS 1.2, establishing a new connection required 2 full round trips (two exchanges of messages between client and server). In TLS 1.3 this is reduced to 1 round trip. This means that if the ping between you and the server is 100 ms, the handshake takes 200 ms in TLS 1.2 and 100 ms in TLS 1.3. This provides a noticeable speedup, especially on mobile networks and for international visitors.
0-RTT technology
0-RTT (Zero Round Trip Time) is the most innovative feature of TLS 1.3. If you have previously connected to a server, on reconnection you can send data in the first packet without waiting for the handshake to complete. This allows an HTTP request to be sent at the same time as the TLS handshake and saves another 100-300 ms. But 0-RTT has security limitations: because of the risk of replay attacks, it is recommended to use it only for idempotent requests (GET).
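One way to enforce the idempotent-only rule on the server, as an added example that is not from the original article: a WSGI middleware that answers 425 Too Early to any non-safe request that arrived as 0-RTT data. It assumes a TLS-terminating proxy sets the `Early-Data: 1` header defined in RFC 8470 and strips client-supplied copies; `EarlyDataGate`, `demo_app` and `status_for` are hypothetical names, and the allow list of GET, HEAD and OPTIONS is this example's choice.

```python
# Added example: WSGI middleware that refuses non-idempotent requests
# arriving in TLS 1.3 early data (0-RTT), following RFC 8470.
# Assumption: a TLS-terminating proxy in front of the app sets the
# "Early-Data: 1" request header on requests received as 0-RTT data
# and strips any client-supplied copy of that header.

SAFE_METHODS = {"GET", "HEAD", "OPTIONS"}  # example's allow list (safe methods)


class EarlyDataGate:
    """Answer 425 Too Early so the client retries after the full handshake."""

    def __init__(self, app):
        self.app = app

    def __call__(self, environ, start_response):
        early = environ.get("HTTP_EARLY_DATA", "").strip() == "1"
        method = environ.get("REQUEST_METHOD", "GET").upper()
        if early and method not in SAFE_METHODS:
            body = b"Too Early: retry after the TLS handshake completes\n"
            start_response("425 Too Early", [
                ("Content-Type", "text/plain"),
                ("Content-Length", str(len(body))),
            ])
            return [body]
        return self.app(environ, start_response)


def demo_app(environ, start_response):
    """Hypothetical application: reports the method it was asked to run."""
    body = ("handled " + environ["REQUEST_METHOD"]).encode()
    start_response("200 OK", [("Content-Type", "text/plain"),
                              ("Content-Length", str(len(body)))])
    return [body]


def status_for(method, early_data):
    """Run one constructed request through the gate and return its status."""
    environ = {"REQUEST_METHOD": method}
    if early_data:
        environ["HTTP_EARLY_DATA"] = "1"
    seen = []
    list(EarlyDataGate(demo_app)(environ, lambda s, h: seen.append(s)))
    return seen[0]


if __name__ == "__main__":
    for m, e in [("GET", True), ("POST", True), ("POST", False)]:
        print(m, "early" if e else "1-RTT", "->", status_for(m, e))
```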
Sayt.uz practice
88% of Sayt.uz clients use sites with TLS 1.3 enabled. Our servers support TLS 1.3 and 0-RTT by default. On an independent VPS, the TLS 1.3 setup service costs 35,000 UZS. The average SSL handshake time on our clients' sites is 95 ms; the industry average is 240 ms. Switching to TLS 1.3 increases conversion by 4.7% on average (due to site speed).