Some days back, The Register mentioned cyberstorm.mu (name rebranded due to trademark issues) preparing for IETF100 hackathon. Hooray! Yeah, we did it and the hard work finally paid off thanks to the core team and the whole of cyberstorm.mu team. After registering on the IETF – Internet Engineering Task Force website, the cyberstorm.mu team set itself on the TLS1.3 API source code. We were all focused on the OpenSSL codes.
Once in our office, we set up the network and our equipment. Check out logan’s blog to have an idea how things went on. That’s true we struggled in the beginning, but finally we could see the light at the end of the tunnel. Patience and patience is all what you need and a calm mind to study how things are in the code. The testing was then carried out to confirm the beauty of the TLS 1.3 codes in our chosen projects. You can also view the TLS tutorial which explains the objectives of TLS1.3. For example: Mitigation of pervasive monitoring.
Here are some hints about the security from TLS1.3
- RSA key was removed.
- Stream ciphers was reviewed.
- Removal of compressed data mechanism which was able to influence which data can be sent.
- Renegotiation was removed.
- SHA1 and Block ciphers were removed.
- Use of modern cryptography like A-EAD.
- Use of modern key such as PSK.
For more details see this blog from OpenSSL. We were also working together with the TLS team in Singapore which was lead by Nick Sullivan, champion at the IETF TLS hackathon.
After the IETF Hackathon, it was announced publicly about the good job done by the cyberstorm.mu team on the IETF channel.
More links :
PS: Any more links related to IETF Hackathon TLS 1.3 let me know, I will add it here!
- TLS 1.3 hackathon objectived by Nick Sulliman
- IETF presenting remote participants
- Day 0 – IETF TLS 1.3 Hackathon by Logan
- Day 1 – IETF TLS 1.3 Hackathon by Logan
- Introducing TLS 1.3 by Cloudflare
Feel free to join the cyberstorm.mu community group on Facebook and follow us on our cyberstorm.mu Twitter account.