Breaking Bad – Are You Ready to Lawfully Intercept TLS 1.3?


Almost every year, there is a call from a politician, often from the US, to ban the use of encrypted communication platforms. Occasionally this escalates to demands for “backdoors” to be placed in encryption to allow law enforcement to unlock devices or intercept messages between terrorists and criminals.

The frustrated response from the tech community is normally two-fold; it would be technically impossible as many encryption schemes are open source, and backdoors just make it easier for criminals to break into systems. Even the NSA, the world’s largest spy agency, has been compromised in the past, so who do you suggest looks after these backdoors?

Every day, enterprises large and small lawfully intercept, decode and inspect encrypted IP traffic. The reasons range from compliance with internet access policies and regulatory mandates to protecting against malware and intellectual property theft. This lawful intercept is made possible by the trust model of the Transport Layer Security (TLS) protocol, the internet's most widely used encryption scheme, which allows a proxy server or in-line filter such as a next-generation firewall to act as a certificate authority (trusted by the managed endpoints) for connected users making a TLS connection across an IP network.

However, TLS 1.2 has a number of issues, including support for older cryptographic techniques that are less secure than modern equivalents. As such, the new 1.3 version is starting to be rolled out as a replacement. The updated version is more secure, offers a faster handshake with lower latency and adds new connection privacy protections intended to protect individuals from man-in-the-middle attacks and 'pervasive monitoring'.

One of the biggest changes in 1.3 is that server certificates are now sent encrypted, which will make it difficult for an enterprise proxy or content-inspection server to determine whether a communication is with a legitimate source, such as a bank, or with malware sending command-and-control traffic back to an attacker.

With TLS 1.3, once a connection is made through a proxy, that proxy needs to terminate and maintain the connection for the entire duration of the communication; because the certificate and the rest of the handshake are encrypted, the proxy can no longer inspect the initial exchange and then step out of a session it deems legitimate.
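To make the two preceding points concrete, here is an added example (not code from the article or from any vendor it mentions) that builds a minimal TLS ClientHello record and parses it the way an in-line inspection device would. Everything an inspector can read without terminating the session is in this plaintext message: the Server Name Indication (SNI) and the supported_versions extension that advertises TLS 1.3. The server's Certificate message, which a TLS 1.2 inspector could read in the clear, is encrypted in TLS 1.3, so the `passive_visibility()` helper reports that a session offering 1.3 may hide the certificate. The builder, the sample hostname `example.com` and the fixed random bytes are constructed for the demonstration; the record layout follows the TLS wire format (RFC 8446, section 4.1.2).

```python
import os
import struct

HANDSHAKE = 0x16            # TLS record content type: handshake
CLIENT_HELLO = 0x01         # handshake message type: client_hello
EXT_SERVER_NAME = 0x0000    # SNI extension
EXT_SUPPORTED_VERSIONS = 0x002B
TLS12, TLS13 = 0x0303, 0x0304
VERSION_NAMES = {TLS12: "TLS 1.2", TLS13: "TLS 1.3"}


def _ext(ext_type, body):
    """Encode one extension: 2-byte type, 2-byte length, body."""
    return struct.pack("!HH", ext_type, len(body)) + body


def build_client_hello(server_name, versions, random_bytes=None):
    """Construct a minimal ClientHello record (a constructed sample, not a capture)."""
    rnd = random_bytes if random_bytes is not None else os.urandom(32)
    host = server_name.encode("ascii")
    sni_entry = b"\x00" + struct.pack("!H", len(host)) + host   # name_type 0 = host_name
    sni = struct.pack("!H", len(sni_entry)) + sni_entry
    ver_list = b"".join(struct.pack("!H", v) for v in versions)
    sv = struct.pack("!B", len(ver_list)) + ver_list
    extensions = _ext(EXT_SERVER_NAME, sni) + _ext(EXT_SUPPORTED_VERSIONS, sv)
    # Two real suite ids: TLS_AES_128_GCM_SHA256 (1.3) and ECDHE-RSA-AES128-GCM-SHA256 (1.2)
    cipher_suites = struct.pack("!HH", 0x1301, 0xC02F)
    body = (
        struct.pack("!H", TLS12) + rnd                       # legacy_version + random
        + b"\x00"                                            # empty legacy_session_id
        + struct.pack("!H", len(cipher_suites)) + cipher_suites
        + b"\x01\x00"                                        # one compression method: null
        + struct.pack("!H", len(extensions)) + extensions
    )
    handshake = bytes([CLIENT_HELLO]) + len(body).to_bytes(3, "big") + body
    return struct.pack("!BHH", HANDSHAKE, 0x0301, len(handshake)) + handshake


def parse_client_hello(record):
    """Return the plaintext fields an in-line inspector sees: SNI and offered versions."""
    ctype, _legacy, rec_len = struct.unpack("!BHH", record[:5])
    if ctype != HANDSHAKE:
        raise ValueError("not a handshake record")
    hs = record[5:5 + rec_len]
    if hs[0] != CLIENT_HELLO:
        raise ValueError("not a ClientHello")
    body = hs[4:4 + int.from_bytes(hs[1:4], "big")]
    pos = 2 + 32                                   # skip legacy_version and random
    pos += 1 + body[pos]                           # legacy_session_id
    cs_len = struct.unpack("!H", body[pos:pos + 2])[0]
    pos += 2 + cs_len                              # cipher_suites
    pos += 1 + body[pos]                           # compression methods
    ext_len = struct.unpack("!H", body[pos:pos + 2])[0]
    pos += 2
    end = pos + ext_len
    # Without supported_versions, the client can negotiate at most legacy_version (1.2)
    info = {"sni": None, "versions": [TLS12]}
    while pos + 4 <= end:
        etype, elen = struct.unpack("!HH", body[pos:pos + 4])
        data = body[pos + 4:pos + 4 + elen]
        pos += 4 + elen
        if etype == EXT_SERVER_NAME:
            list_len = struct.unpack("!H", data[:2])[0]
            p = 2
            while p < 2 + list_len:
                name_type = data[p]
                nlen = struct.unpack("!H", data[p + 1:p + 3])[0]
                if name_type == 0:
                    info["sni"] = data[p + 3:p + 3 + nlen].decode("ascii")
                p += 3 + nlen
        elif etype == EXT_SUPPORTED_VERSIONS:
            n = data[0]
            info["versions"] = [struct.unpack("!H", data[1 + i:3 + i])[0] for i in range(0, n, 2)]
    return info


def passive_visibility(info):
    """What a non-terminating inspector can rely on. If the client offers TLS 1.3 and the
    server accepts, the Certificate message is encrypted and only the SNI remains visible;
    a pure TLS 1.2 session still sends the server certificate in the clear."""
    return {
        "sni": info["sni"],
        "offered": [VERSION_NAMES.get(v, hex(v)) for v in info["versions"]],
        "certificate_may_be_encrypted": TLS13 in info["versions"],
    }


if __name__ == "__main__":
    for versions in ([TLS13, TLS12], [TLS12]):
        record = build_client_hello("example.com", versions)
        print(passive_visibility(parse_client_hello(record)))
```

Running the block prints one line per constructed hello: the first, offering TLS 1.3, reports that the certificate may be encrypted; the second, TLS 1.2 only, does not. The practical consequence for a proxy is the one the article draws: with 1.3 the SNI is the last identity signal available before the handshake goes dark, so any decision to inspect must be made at the ClientHello and the proxy must stay in the path from then on.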

Although most browsers now support TLS 1.3, most of the big services treat it as optional rather than mandatory. However, this may well change, and some of the large SaaS and cloud providers are considering requiring it.

For enterprises, this supposed improvement in security may well cause several headaches when it comes to lawful inspection. Firstly, enterprises need to maintain a proxy session for all TLS 1.3 connections, even when the communication is deemed to be legitimate and secure.

When deployed in its most secure configuration, TLS 1.3 does make it harder for enterprises to determine the legitimacy of content, and its use will undoubtedly force enterprises to increase resource utilization on their SSL/VPN/proxy appliances.

Organizations have a choice to make: stay on TLS 1.2 for as long as possible, accepting all of its flaws, or move to 1.3 and scale up proxy/VPN appliances to deal with the new workload. A more innovative approach is to move to a cloud access security broker (CASB) model, which can act as an inspection point for all IP traffic flows.

For smaller organizations, this CASB model may prove to be overkill, but it can be really beneficial for larger organizations that have many diverse applications, SaaS, PaaS and IaaS services, and distributed or mobile workers.

Architecting such a migration does require a multi-disciplinary team spanning security, networking, application and policy experts, but the benefits include a much more robust access control process and, if done right, a simpler way of managing the whole process irrespective of use case.

Adoption of TLS 1.3 is still sluggish: a recent SSL Labs survey suggests that, as of May 2019, only 14.2% of the 150,000 most popular sites on the internet support TLS 1.3. However, several large CDNs, including Akamai and CloudFlare, already offer TLS 1.3 by default. The situation will improve further if one of the bigger SaaS services starts to require it, or if more vulnerabilities are discovered in TLS 1.2 that further undermine its usefulness. TLS 1.3 will ultimately become the standard, and for enterprises, the clock is ticking.
