Like it or not, business must swallow TLS deprecation medicine

News by Davey Winder

In coordinated statements, the big four in the browser application world have finally announced the deprecation of Transport Layer Security (TLS) protocol v1.0 and v1.1.

It will happen in 2020, which means organisations have 18 months in which to assess the impact of this disabling of support for the encryption and authentication protocols in the Chrome, Edge/IE, Firefox and Safari browsers.

Web browsers have supported TLS v1.0 and then v1.1 for two decades to encrypt data communications and secure everything from logins to financial information.

However, a number of issues make them an insecure choice these days: the older cipher suites they allow lack perfect forward secrecy and authenticated encryption, for example, and are vulnerable to attacks such as BEAST and POODLE. Then there's the small matter of the insecure SHA1 and MD5 hash functions they rely on.

TLS v1.2 and v1.3 address all of these issues.

Google has said it will deprecate the protocol versions from January 2020 when Chrome 72 is slated to start rolling out. Mozilla with Firefox and Apple with Safari have a deprecation date of March 2020 and Microsoft states both Edge and IE will disable the protocols in the 'first half' of 2020.

When you look at the number of HTTPS connections using TLSv1.0 and TLSv1.1 being reported by the browser developers though, only Firefox manages to break one percent (1.2 percent to be precise). Edge sits at 0.72 percent, Chrome 0.5 percent and Safari just 0.36 percent. So will this really be a browser headache for business, and if so should the enterprise happily swallow the security medicine even if it has a sour taste?

SC Media UK contacted Darron Gibbard, chief technical security officer (northern EMEA) at Qualys, regarding the current state of support for TLS. The Qualys SSL Pulse survey data covers the world’s 150,000 largest websites and shows 94 percent of all websites currently support TLS v1.2.

While 73 percent support TLS v1.0 and 79 percent also support TLS v1.1, these numbers are dropping slightly over time, which points towards more companies concentrating on the latest versions of TLS.

That said, support for earlier standards like SSL still exists with "around 10 percent of all websites scanned still supporting SSL v3.0 today," Gibbard points out, "when that standard is not enough to keep Internet users secure."
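The SSL Pulse figures above describe what the world's largest sites accept; the same question can be asked of your own servers, and of the cipher suites mentioned earlier in the article. The following probe is an added example, not code from SC Media, Qualys or any of the vendors quoted. It uses only the Python standard library, connects to a host (the default `example.com` and the sample results in the comments are assumptions) with one protocol version pinned at a time, records the cipher each version negotiates, and then turns the result into findings: deprecated versions still enabled, no modern version accepted, or a cipher without forward secrecy.

```python
"""Probe which TLS protocol versions a server will negotiate.

Added example (not part of the article). Standard library only; the
host name and the sample results in the comments are assumptions.
"""
import socket
import ssl

# Protocol versions in the order the article discusses them.
VERSIONS = {
    "TLSv1.0": ssl.TLSVersion.TLSv1,
    "TLSv1.1": ssl.TLSVersion.TLSv1_1,
    "TLSv1.2": ssl.TLSVersion.TLSv1_2,
    "TLSv1.3": ssl.TLSVersion.TLSv1_3,
}
DEPRECATED = ("TLSv1.0", "TLSv1.1")


def _context_for(version):
    """Build a client context pinned to exactly one protocol version."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    ctx.minimum_version = version
    ctx.maximum_version = version
    # This is a protocol probe, not a trust decision: no application data is
    # sent, so certificate validation is switched off to avoid mistaking a
    # certificate problem for a refused protocol version.
    ctx.check_hostname = False
    ctx.verify_mode = ssl.CERT_NONE
    # OpenSSL 3 refuses TLS 1.0/1.1 at its default security level; lower it
    # so the probe reports what the *server* offers, not what the local
    # library tolerates. Other TLS libraries may reject this string.
    try:
        ctx.set_ciphers("DEFAULT@SECLEVEL=0")
    except ssl.SSLError:
        pass
    return ctx


def probe(host, port=443, timeout=5.0):
    """Return {version_name: negotiated cipher name, or None if refused}."""
    results = {}
    for name, version in VERSIONS.items():
        try:
            ctx = _context_for(version)
            with socket.create_connection((host, port), timeout=timeout) as sock:
                with ctx.wrap_socket(sock, server_hostname=host) as tls:
                    results[name] = tls.cipher()[0]  # (name, protocol, bits)
        except (ssl.SSLError, OSError, ValueError):
            results[name] = None  # refused, unreachable, or unsupported locally
    return results


def assess(results):
    """Turn probe output into the findings a reviewer would raise."""
    findings = []
    for name in DEPRECATED:
        if results.get(name):
            findings.append(f"{name} still enabled: {results[name]}")
    if not results.get("TLSv1.2") and not results.get("TLSv1.3"):
        findings.append("no modern protocol version (TLSv1.2/1.3) accepted")
    # ECDHE-/DHE- suites and all TLS 1.3 suites (TLS_...) provide forward
    # secrecy; anything else (e.g. AES256-SHA) is static RSA key exchange.
    for name, cipher in results.items():
        if cipher and not cipher.startswith(("ECDHE", "DHE", "TLS_")):
            findings.append(f"{name} negotiated {cipher} without forward secrecy")
    return findings


if __name__ == "__main__":
    import sys

    host = sys.argv[1] if len(sys.argv) > 1 else "example.com"  # assumed host
    res = probe(host)
    for name, cipher in res.items():
        print(f"{name:8} {'accepted, ' + cipher if cipher else 'refused'}")
    for finding in assess(res) or ["no findings"]:
        print("-", finding)
```

Run it as `python probe_tls.py your.host.example` against a host you operate. A refusal reported here can come from either side, which is why the security level is lowered: if the local OpenSSL build still will not offer TLS 1.0/1.1, the probe cannot tell you whether the server would accept them, and a scanner such as SSL Pulse or an `openssl s_client -tls1` check is the fallback.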

He also suggests we look at PCI as a comparison, which has mandated the removal of TLS 1.0/1.1 and SSL for a number of years. "How quickly were those standards followed and enforced?"

Gibbard said "getting the browser companies to act together on this is therefore welcome".

Raphael Robert, head of security at Wire, agrees that the decision to deprecate these early versions of TLS by the major browser developers is a welcome and strong signal to all website operators to move fully to v1.2. "Unfortunately there are still companies, government institutions and other organisations where staff are locked into using older versions of Internet Explorer without TLS v1.2," Robert told SC. "Therefore, websites and web-based tools they use must continue to support TLS v1.0/1.1," at least for the time being and despite this potentially putting customers and their data at risk.

The situation is even worse in the world of the Android developer, as only Android 5 and newer fully support the latest TLS version. "Due to the fragmentation of the Android market, this means having to cut up to 10 percent of the user base when app developers configure their backend servers to only support TLSv1.2," Robert said. "The alternative is to use different TLS libraries which brings the downside of added development challenges of increased complexity and higher maintenance costs."

Ed Williams, director of SpiderLabs (EMEA) at Trustwave, warns that the deprecation of the TLS 1.0/1.1 protocols is going to create a lot of headaches for organisations in both the short and medium terms.

"While removing these protocols is clearly important for the overall assurance of an enterprise," he said, "I do worry that this will deflect the limited resources organisations have on ensuring the basics are done well and constantly across the enterprise."

Williams also said that while he's not aware of threat actors that are actually abusing a weak TLS implementation, they most likely will try through spoofed emails, weak passwords and misconfigurations. "But a sensible balance must be taken," he concludes. "I would recommend that organisations create an appropriate threat model and mitigate TLS in a timely manner without neglecting other areas of security." Something Williams admits is not an easy task in 2018...

Craig Stewart, a cyber-security expert at Venafi, thinks that "this is good security medicine, moves towards security being the de facto standard and puts pressure on businesses to step up their game and improve security, which can only be a good thing".

His approval is not without a caveat, however. Stewart harks back to the deprecation of SHA-1 certificates, when organisations were typically slow to react to the warnings and often underestimated the task at hand.

"Many organisations do not properly track which certificates they have applied where and have thousands of certificates that they are unaware of," Stewart said.

"It will be a challenge for businesses to ensure they’ve resolved the situation in the 18 months before the deadline, so they had better get started now."
