Friday, April 12, 2024

Facebook Launches Open Source Library Fizz To Enhance TLS 1.3 Protocol

TLS is the most widely used cryptographic protocol and it is the backbone of secure Internet communication. TLS 1.3 designed for speed by reducing the network of round-trips and enhances security by removing unsafe cryptographic primitives.

Facebook built Open Source Library Fizz to implement support for TLS 1.3, now the Fizz handles millions of TLS 1.3 handshakes every second.

The social media giant said “Fizz and TLS 1.3 globally in our mobile apps, Proxygen, our load balancers, our internal services, and even our QUIC library, mvfst.Fizz has reduced not only the latency but also the CPU utilization of services that perform trillions of requests a day.”

TLS 1.3 reduces the latency considerably in establishing initial secure connections when compares to TLS 1.2.

Fizz currently supports TLS 1.3 drafts 28, 26 (both wire-compatible with the final specification), and 23. All major handshake modes are supported, including PSK resumption, early data, client authentication, and HelloRetryRequest.

Its servers are async by default and it supports for scatter/gather I/O APIs, as it accepts scatter/gather method of input and output it allows the user’s to pass chunked data, encrypts and place in chunk memory, which avoids the need to copy data.

According to Facebook “Fizz provides two kinds of APIs to be able to handle rejection of early data, either transparently or by allowing the app to change the data it sends during retry.”

It is built with security in mind from the ground up, with secure abstractions, it delivers the reliability and performance of TLS 1.3.

Now more than 50% of the internet traffic is secured with TLS 1.3 and it continues to grows as browsers adopted support for TLS 1.3. Starting from version 61.0, by default Firefox 61 supports for the latest draft of TLS 1.3. Chrome 63 enables support for TLS 1.3.

Also Read

SSL/TLS Certificate Revocation is Broken Time for More Reliable Revocation Checking Mechanism

Evolution of TLS1.3 – Enhanced security and speed

Transport Layer Security (TLS) 1.3 approved by IETF With the 28th Draft


Latest articles

6-year-old Lighttpd Flaw Impacts Intel And Lenovo Servers

The software supply chain is filled with various challenges, such as untracked security vulnerabilities...

Hackers Employ Deepfake Technology To Impersonate as LastPass CEO

A LastPass employee recently became the target of an attempted fraud involving sophisticated audio...

Sisence Data Breach, CISA Urges To Reset Login Credentials

In response to a recent data breach at Sisense, a provider of data analytics...

DuckDuckGo Launches Privacy Pro: 3-in-1 service With VPN

DuckDuckGo has launched Privacy Pro, a new subscription service that promises to enhance user...

Cyber Attack Surge by 28%:Education Sector at High Risk

In Q1 2024, Check Point Research (CPR) witnessed a notable increase in the average...

Midnight Blizzard’s Microsoft Corporate Email Hack Threatens Federal Agencies: CISA Warns

The Cybersecurity and Infrastructure Security Agency (CISA) has issued an emergency directive concerning a...

Taxi App Vendor Data Leak: 300K Passengers Data Exposed

Around 300,000 taxi passengers' personal information was left exposed on the internet, causing concern...
Guru baran
Guru baran
Gurubaran is a co-founder of Cyber Security News and GBHackers On Security. He has 10+ years of experience as a Security Consultant, Editor, and Analyst in cybersecurity, technology, and communications.

Top 3 SME Attack Vectors

Securing the Top 3 SME Attack Vectors

Cybercriminals are laying siege to small-to-medium enterprises (SMEs) across sectors. 73% of SMEs know they were breached in 2023. The real rate could be closer to 100%.

  • Stolen credentials
  • Phishing
  • Exploitation of vulnerabilities

Related Articles