In modern-day security, servers have become more secure. Hackers have leaned more towards the clients. Studies also reveal that client-side attacks are growing faster than server-side attacks. There is a reason for this. Clients are more vulnerable and easy to compromise. Now, it is highly important to understand the importance of client-side (web browser) security and learn how to be safe from all such attacks. TLS is one of the keys when it comes to browser security. In this article, we are covering how to enable TLS 1.3 in standard web browsers.
Table of Contents
What Is TLS?
TLS stands for Transport Layer Security. It’s a security protocol developed to provide the greatest security for the data transferred between a web browser (Client) and a web server (Server) over the internet. TLS uses asymmetric encryption techniques to servers HTTPS to provide encrypted channels and protect from cyber attacks.
Why You Should Enable TLS 1.3?
When ITEF published TLS 1.3 in August 2018 under RFC 8446 after a decade. It has gotten an impressive improvement in terms of security, speed, and performance over its previous version TLS 1.2.
- TLS 1.3 provides modern ciphers and key-exchange algorithms, with forward secrecy as a baseline.
- Removal of older, less-secure ciphers and key exchange methods: including the following: MD5, SHA1, RC5, DES, 3DES, AES CBC, Arbitrary Diffie-Hellman groups, and EXPORT-strength ciphers., as well as an overall reduction in the complexity of the protocol.
- Most of the handshake messages are encrypted in TLS 1.3 compared to its predecessor TLS 1.2. Encryption will kick off right after the Server Hello message in TLS 1.3 handshake.
- The handshake process was reduced from two round trips in TLS 1.2 to one round trip in TLS 1.3. This has given a lead in terms of overall speed. According to IETF, TLS 1.3 is 25% to 50 % faster than TSL 1.2.
TLS Supported Browser Versions:
If you pay some attention to the above picture, you can figure out which browsers have started supporting their support to TLS 1.3. As on February 2021:
- Internet Explorer doesn’t have official support for TLS 1.3.
- Edge started supporting TLS 1.3 from version 79.
- Firefox started giving support from version 63.
- Chrome started support to TLS 1.3 from version 70.
- At last, Safari has started supporting TLS 1.3 from its 12.2.
If you find the release dates of all these supported versions, You will say, most of the web browsers started supporting TLS 1.3 from their October 2018 revisions. So, now most of the popular web browsers have been supporting TLS 1.3, it’s perfectly all right not to give much attention to this part. Let’s continue our journey to explore how to enable TLS 1.3 in standard web browsers.
Enabling TLS 1.3 in Chrome
- Fire up the Chrome
- Type “chrome://flags/” in the address bar.
- Type “TLS” in the search box.
- Set TLS to Default or Enabled.
- Relaunch the browser.
Enabling TLS 1.3 in Firefox
- Open Firefox.
- Type “about:config” in the address bar.
- Accept the Risk and Continue.
4. Hit on “Show All“
5. Write “tls.version” inside the search box.
6. Ensure security.tls.version.max value is 4
7. If not, double-click on it to modify it to 4.
Enabling TLS 1.3 in Safari
- Open the terminal and become a root.
sudo su — root
- Type the following command and hit Enter.
defaults write /Library/Preferences/com.apple.networkd tcp_connect_enable_tls13 1
Enabling TLS 1.3 in Edge
- Launch the Edge browser.
- Type “chrome://flags/” in the address bar.
- Type “TLS” in the search box.
- Set TLS to Default or Enabled.
- Restart the browser.
Enabling TLS 1.3 in Internet Explorer
- Hit the Win + r key to open the Run utility.
- Type “inetcpl.cpl” and hit Enter key.
3. Go to the Advanced tab in the Internet Properties window. Scroll down till you see TLS 1.3 check box. Click on the check box and hit the ‘Ok’ button.
That’s all. Now you have learned how to enable TLS 1.3 in standard web browsers.
Thanks for reading this article. Please visit our site to read more and more interesting articles.
Thank you very much for your information's.
You are most welcome, Nghia!