After two years of tinkering, OpenSSL recently released version 1.1.1 with a commitment of at least five years to support it.

In his blog post, OpenSSL’s Matt Caswell thanked the 200+ volunteers who made nearly 5,000 optimizations to OpenSSL, as well as all the various users who downloaded the beta version and provided feedback.

The highlight of OpenSSL 1.1.1 is undoubtedly TLS 1.3. The latest protocol, published by the IETF as RFC 8446 a month ago, rewrites the old standard and includes new features that were highlighted in OpenSSL version 1.1.1.

More importantly, OpenSSL 1.1.1 is API and ABI compatible with OpenSSL 1.1.0. So most applications using 1.1.0 can get many of the benefits of TLSv1.3 simply through the new OpenSSL release. However, because TLSv1.3 works very differently from TLSv1.2, a few applications may experience warnings. For more details, see the TLSv1.3 page on the OpenSSL Wiki.

The article also points out the specific new features included in OpenSSL 1.1.1:

● The connection time is shortened by reducing the number of round trips required between the client and the server

● In some cases, clients are able to start sending encrypted data to the server immediately without any round-trip to the server (called 0-RTT or “early data”).

● Improved security due to the removal of various outdated and insecure encryption algorithms and the encryption of more of the connection handshake
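The following check is an added example, not code from the article or from the OpenSSL project. It uses Python's standard `ssl` module as a stand-in for an application linked against OpenSSL, and shows how to confirm that the linked library is at least 1.1.1, pin a client to TLS 1.3, and verify that every TLS 1.3 suite it offers is AEAD. The function names are hypothetical.

```python
import ssl

# OpenSSL 1.1.1 is the first release with TLS 1.3 (per the article above).
TLS13_MIN_OPENSSL = (1, 1, 1)


def audit_linked_openssl(version_info=None):
    """Report whether the OpenSSL this interpreter links against offers TLS 1.3.

    version_info may be a constructed tuple for testing; by default the
    version of the library actually loaded is used.
    """
    info = tuple(version_info or ssl.OPENSSL_VERSION_INFO)[:3]
    return {
        "version": ssl.OPENSSL_VERSION,
        "new_enough": info >= TLS13_MIN_OPENSSL,
        "tls13_compiled_in": ssl.HAS_TLSv1_3,
    }


def tls13_only_context():
    """Client context that refuses to negotiate anything below TLS 1.3."""
    ctx = ssl.create_default_context()  # certificate and hostname checks stay on
    ctx.minimum_version = ssl.TLSVersion.TLSv1_3
    return ctx


def tls13_suites(ctx):
    """Return (name, is_aead) for each TLS 1.3 cipher suite enabled in ctx."""
    return [(c["name"], bool(c.get("aead")))
            for c in ctx.get_ciphers() if c["protocol"] == "TLSv1.3"]


if __name__ == "__main__":
    report = audit_linked_openssl()
    print(report)
    if report["new_enough"] and report["tls13_compiled_in"]:
        for name, aead in tls13_suites(tls13_only_context()):
            print(f"{name:32} AEAD={aead}")
    else:
        print("TLS 1.3 unavailable: upgrade to OpenSSL 1.1.1 or later")
```
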

And what OpenSSL 1.1.1 adds:

● A complete rewrite of the OpenSSL random number generator, introducing the following features:

△ The default RAND method now uses an AES-CTR DRBG that conforms to the NIST standard SP 800-90Ar1.

△ Multiple DRBG instances are supported through seed chains.

△ There is a public and a private DRBG instance.

△ DRBG instances are fork-safe.

△ All global DRBG instances can be kept on the secure heap when it is enabled.

△ The public and private DRBG instances are per thread, for lock-free operation.

● Support a variety of new encryption algorithms, including:

△ SHA3

△ SHA512/224 and SHA512/256

△ EdDSA (including Ed25519 and Ed448)

△ X448 (existing X25519 support added to 1.1.0)

△ Multi-prime RSA

△ SM2

△ SM3

△ SM4

△ SipHash

△ ARIA (including TLS support)

● Significant side channel attack security improvements

● Maximum fragment length TLS extension support

● A new STORE module that implements a unified, URI-based storage reader that can contain keys, certificates, CRLs and many other objects.

In addition, since OpenSSL 1.1.0 is not an LTS release, it will receive security fixes only, starting immediately, and will cease to receive any support (no longer maintained) after one year, according to OpenSSL’s previous announcements and this release’s policy.

The previous LTS release (OpenSSL 1.0.2) will continue to receive full support until the end of the year. It will then receive only security fixes. It will stop receiving all support at the end of 2019. I strongly recommend that users of this release upgrade to OpenSSL 1.1.1.

Matt Caswell also revealed that the next big feature of OpenSSL will be the new FIPS module.

You can’t live without OpenSSL. Are you ready to try it?

[from SSL China]