
The latest research seems to indicate that TLS 1.3 completely breaks the MITM/proxy model of many current security tools.

I don't fully understand how it does that and if there are ways around this. Are SSL/TLS proxy vendors going to face existential challenges as adoption of 1.3 becomes mainstream? What is the actual mechanism that blocks the MITM middleboxes?

I see a couple of excellent responses from Steffen Ullrich on two threads from 2015, but given the link above, it seems the 1.3 spec may have changed since those answers:

  1. TLS 1.3 Makes Security Tools Obsolete?
  2. Are future TLS versions going to prevent traffic inspection?
RussM
The IETF draft you cite is very extensive and describes the various use cases and associated problems in much detail. A detailed answer would essentially need to replicate much of the information in this draft here - i.e. this question is too broad. *"I don't fully understand how it does that ..."* - this information is not really helpful. I recommend you read the draft and then ask instead about specific parts you don't understand (but not too many separate questions merged into a single one) in the hope that you will then be able to understand the draft and thus the problems described there. – Steffen Ullrich Feb 05 '18 at 18:37
Maybe one important thing: MITM on TLS 1.3 should be no problem if the active MITM is done from the start, i.e. one TLS connection from man to client and one from man to server. The scenarios in this draft describe mainly situations where this is not the case yet. These could be converted to "real" MITM but then might need more processing power and/or might be more invasive than today. – Steffen Ullrich Feb 05 '18 at 18:42
This document https://www.symantec.com/content/dam/symantec/docs/other-resources/responsibly-intercepting-tls-and-the-impact-of-tls-1.3-en.pdf describes various scenarios of TLS proxies and their impact. I guess TLS 1.3 makes it harder as, for each connection, these boxes have to be active right from the beginning, and also, since SNI is encrypted, the proxy has to allow the first connection and then inspect. – Chits Sep 27 '19 at 16:43
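The comments above turn on one mechanism: in TLS 1.2 the server's Certificate is sent in the clear, so a passive middlebox can read it and only then decide whether to intercept; in TLS 1.3 everything after ServerHello (including the Certificate) is carried in encrypted ApplicationData records, so a box that is not a full, two-connection MITM from the first ClientHello sees nothing it can classify on. The following added example (not code from the thread or from any vendor) parses constructed, minimal server first flights for both versions and reports what an on-path observer can still read; the byte strings are hand-built stand-ins, not real captures.

```python
import struct

HANDSHAKE = {1: "ClientHello", 2: "ServerHello", 11: "Certificate"}

def record(content_type, body):
    """TLS record: content type, legacy version 0x0303, 16-bit length, body."""
    return bytes([content_type, 3, 3]) + struct.pack("!H", len(body)) + body

def handshake(msg_type, body):
    """Handshake message: type byte, 24-bit length, body."""
    return bytes([msg_type]) + len(body).to_bytes(3, "big") + body

def server_hello(cipher, extensions=b""):
    """Minimal ServerHello: legacy version, 32-byte random (constant here),
    empty session id, one cipher suite, null compression, extensions block."""
    fixed = b"\x03\x03" + b"\x11" * 32 + b"\x00" + cipher + b"\x00"
    return handshake(2, fixed + struct.pack("!H", len(extensions)) + extensions)

def observe(stream):
    """What an on-path observer sees per record: handshake message names while
    the handshake is in the clear, 'encrypted' once records switch to
    ApplicationData (type 23), which is how TLS 1.3 carries everything after
    ServerHello, including the server Certificate."""
    seen, i = [], 0
    while i < len(stream):
        ctype, length = stream[i], struct.unpack("!H", stream[i + 3:i + 5])[0]
        body = stream[i + 5:i + 5 + length]
        i += 5 + length
        if ctype == 22:
            seen.append(HANDSHAKE.get(body[0], f"handshake({body[0]})"))
        elif ctype == 23:
            seen.append("encrypted")
        elif ctype == 20:
            seen.append("ChangeCipherSpec")
        else:
            seen.append(f"type({ctype})")
    return seen

# Constructed server first flights (not real captures).
TLS12_FLIGHT = (record(22, server_hello(b"\xc0\x2f"))
                + record(22, handshake(11, b"\x00\x00\x00")))  # Certificate in the clear
TLS13_FLIGHT = (record(22, server_hello(b"\x13\x01", struct.pack("!HH", 43, 2) + b"\x03\x04"))
                + record(20, b"\x01")        # middlebox-compatibility ChangeCipherSpec
                + record(23, b"\xaa" * 48))  # EncryptedExtensions, Certificate, Finished

if __name__ == "__main__":
    print("TLS 1.2:", observe(TLS12_FLIGHT))  # ['ServerHello', 'Certificate']
    print("TLS 1.3:", observe(TLS13_FLIGHT))  # ['ServerHello', 'ChangeCipherSpec', 'encrypted']
```

The TLS 1.3 ServerHello still announces the selected version in its supported_versions extension (type 43), so an observer can tell which protocol was negotiated; it just cannot see the certificate it would have used to make an intercept-or-bypass decision.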

0 Answers