TLS 1.3 for engineers: An exploration of the TLS 1.3 specification and OpenJDK's Java implementation
It addresses the gap in knowledge about TLS encryption for engineers, but it is incremental as it focuses on explaining existing standards and implementations rather than introducing novel advancements.
The paper explores the TLS 1.3 specification and its implementation in OpenJDK's Java to broaden understanding of encryption technology used for securing Internet traffic, such as HTTP and FTP, without presenting new experimental results or performance metrics.
The Internet delivered in excess of forty terabytes per second in 2017 (Cisco, 2018), and over half of today's Internet traffic is encrypted (Sandvine, 2018); enabling trade worth trillions of dollars (Statista, 2017). Yet, the underlying encryption technology is only understood by a select few. This manuscript broadens understanding by exploring TLS, an encryption technology used to protect application layer communication (including HTTP, FTP and SMTP traffic), and by examining Oracle's Java implementation. We focus on the most recent TLS release, namely, version 1.3, which is defined by RFC 8446.