Saturday, April 5, 2025
Follow us On Linkedin
HomeSSL/TLSFacebook Launches Open Source Library Fizz To Enhance TLS 1.3 Protocol

Facebook Launches Open Source Library Fizz To Enhance TLS 1.3 Protocol

SSL/TLS

Published on

By Gurubaran
Facebook Launches Open Source Library Fizz To Enhance TLS 1.3 Protocol

Supply Chain Attack Prevention

SIEM as a Service

Follow Us on Google News

TLS is the most widely used cryptographic protocol and it is the backbone of secure Internet communication. TLS 1.3 designed for speed by reducing the network of round-trips and enhances security by removing unsafe cryptographic primitives.

Facebook built Open Source Library Fizz to implement support for TLS 1.3, now the Fizz handles millions of TLS 1.3 handshakes every second.

The social media giant said “Fizz and TLS 1.3 globally in our mobile apps, Proxygen, our load balancers, our internal services, and even our QUIC library, mvfst.Fizz has reduced not only the latency but also the CPU utilization of services that perform trillions of requests a day.”

TLS 1.3 reduces the latency considerably in establishing initial secure connections when compares to TLS 1.2.

Fizz currently supports TLS 1.3 drafts 28, 26 (both wire-compatible with the final specification), and 23. All major handshake modes are supported, including PSK resumption, early data, client authentication, and HelloRetryRequest.

Its servers are async by default and it supports for scatter/gather I/O APIs, as it accepts scatter/gather method of input and output it allows the user’s to pass chunked data, encrypts and place in chunk memory, which avoids the need to copy data.

According to Facebook “Fizz provides two kinds of APIs to be able to handle rejection of early data, either transparently or by allowing the app to change the data it sends during retry.”

It is built with security in mind from the ground up, with secure abstractions, it delivers the reliability and performance of TLS 1.3.

Now more than 50% of the internet traffic is secured with TLS 1.3 and it continues to grows as browsers adopted support for TLS 1.3. Starting from version 61.0, by default Firefox 61 supports for the latest draft of TLS 1.3. Chrome 63 enables support for TLS 1.3.

Also Read

SSL/TLS Certificate Revocation is Broken Time for More Reliable Revocation Checking Mechanism

Evolution of TLS1.3 – Enhanced security and speed

Transport Layer Security (TLS) 1.3 approved by IETF With the 28th Draft

Gurubaran
Gurubaran
Gurubaran is a co-founder of Cyber Security News and GBHackers On Security. He has 10+ years of experience as a Security Consultant, Editor, and Analyst in cybersecurity, technology, and communications.

Latest articles

Cyber Security News

Ivanti Fully Patched Connect Secure RCE Vulnerability That Actively Exploited in the Wild

Ivanti has issued an urgent security advisory for CVE-2025-22457, a critical vulnerability impacting Ivanti...
cyber security

Beware! Weaponized Job Recruitment Emails Spreading BeaverTail and Tropidoor Malware

A concerning malware campaign was disclosed by the AhnLab Security Intelligence Center (ASEC), revealing...
ChatGPT

EncryptHub Ransomware Uncovered Through ChatGPT Use and OPSEC Failures

EncryptHub, a rapidly evolving cybercriminal entity, has come under intense scrutiny following revelations of...
cyber security

PoisonSeed Targets CRM and Bulk Email Providers in New Supply Chain Phishing Attack

A sophisticated phishing campaign, dubbed "PoisonSeed," has been identified targeting customer relationship management (CRM)...

Supply Chain Attack Prevention

Free Webinar - Supply Chain Attack Prevention

Recent attacks like Polyfill[.]io show how compromised third-party components become backdoors for hackers. PCI DSS 4.0’s Requirement 6.4.3 mandates stricter browser script controls, while Requirement 12.8 focuses on securing third-party providers.

Join Vivekanand Gopalan (VP of Products – Indusface) and Phani Deepak Akella (VP of Marketing – Indusface) as they break down these compliance requirements and share strategies to protect your applications from supply chain attacks.

Discussion points

Meeting PCI DSS 4.0 mandates.
Blocking malicious components and unauthorized JavaScript execution.
PIdentifying attack surfaces from third-party dependencies.
Preventing man-in-the-browser attacks with proactive monitoring.

Register Now

More like this

SSL/TLS

10 Best Free SSL Checker Tools 2024

SSL Checker helps you troubleshoot common SSL issues and SSL endpoint vulnerabilities. With the...
Cyber Security News

Google to Reduce SSL Certificate Lifespan to 90 Days

Recently, Google declared its plan to reduce the maximum validity for public TLS (SSL)...
Cyber Security News

Researchers Claim That RSA Algorithm Can Be Broken by Quantum Computers

It was recently reported that Chinese researchers had made a breakthrough in the field...

GBHackers on Security is a top cybersecurity news platform, delivering up-to-date coverage on breaches, emerging threats, malware, vulnerabilities, and global cyber incidents.

Company

Trending

Categories

Copyright @ 2016 - 2025 GBHackers On Security - All Rights Reserved