Categories: SSL/TLS

Facebook Launches Open Source Library Fizz To Enhance TLS 1.3 Protocol

TLS is the most widely used cryptographic protocol and it is the backbone of secure Internet communication. TLS 1.3 designed for speed by reducing the network of round-trips and enhances security by removing unsafe cryptographic primitives.

Facebook built Open Source Library Fizz to implement support for TLS 1.3, now the Fizz handles millions of TLS 1.3 handshakes every second.

The social media giant said “Fizz and TLS 1.3 globally in our mobile apps, Proxygen, our load balancers, our internal services, and even our QUIC library, mvfst.Fizz has reduced not only the latency but also the CPU utilization of services that perform trillions of requests a day.”

TLS 1.3 reduces the latency considerably in establishing initial secure connections when compares to TLS 1.2.

Fizz currently supports TLS 1.3 drafts 28, 26 (both wire-compatible with the final specification), and 23. All major handshake modes are supported, including PSK resumption, early data, client authentication, and HelloRetryRequest.

Its servers are async by default and it supports for scatter/gather I/O APIs, as it accepts scatter/gather method of input and output it allows the user’s to pass chunked data, encrypts and place in chunk memory, which avoids the need to copy data.

According to Facebook “Fizz provides two kinds of APIs to be able to handle rejection of early data, either transparently or by allowing the app to change the data it sends during retry.”

It is built with security in mind from the ground up, with secure abstractions, it delivers the reliability and performance of TLS 1.3.

Now more than 50% of the internet traffic is secured with TLS 1.3 and it continues to grows as browsers adopted support for TLS 1.3. Starting from version 61.0, by default Firefox 61 supports for the latest draft of TLS 1.3. Chrome 63 enables support for TLS 1.3.

Also Read

SSL/TLS Certificate Revocation is Broken Time for More Reliable Revocation Checking Mechanism

Evolution of TLS1.3 – Enhanced security and speed

Transport Layer Security (TLS) 1.3 approved by IETF With the 28th Draft

Gurubaran

Gurubaran is a co-founder of Cyber Security News and GBHackers On Security. He has 10+ years of experience as a Security Consultant, Editor, and Analyst in cybersecurity, technology, and communications.

Recent Posts

Russian Hackers Target Signal Messenger Users to Steal Sensitive Data

Russian state-aligned threat actors have intensified their efforts to compromise Signal Messenger accounts, targeting individuals…

26 minutes ago

Hackers Exploit Jarsigner Tool to Deploy XLoader Malware

Security researchers at AhnLab Security Intelligence Center (ASEC) have uncovered a new campaign leveraging the…

30 minutes ago

Hackers Converting Stolen Payment Card Data into Apple & Google Wallets

Cybercriminal groups, primarily based in China, are leveraging advanced phishing techniques and mobile wallet technologies…

31 minutes ago

Snake Keylogger Targets Chrome, Edge, and Firefox Users in New Attack Campaign

A new variant of the Snake Keylogger, also known as 404 Keylogger, has been detected…

32 minutes ago

Russian CryptoBytes Hackers Target Windows Machines with UxCryptor Ransomware

The SonicWall Capture Labs threat research team has identified continued activity from the Russian cybercriminal…

33 minutes ago

North Korean Hackers Leverage Dropbox and PowerShell Scripts to Breach Organizations

A recent cyberattack campaign, dubbed "DEEP#DRIVE," has been attributed to the North Korean Advanced Persistent…

34 minutes ago