TLS 1.3, the Real Trusted Channel (M23c)
The establishment of secure communication is very common in products that are CC evaluated. However, sometimes, these channels are not as secure as expected, presenting vulnerabilities that can be exploited within the evaluation scope, putting in risk the security product. A new version of Transport Layer Security protocol, TLS 1.3, has been release. This new version of TLS provides important benefits versus its predecessor (e.g. TLS 1.2), such as the secure handshake protocol implementation or assurance of the parts involved. This presentation provides a brief overview of the communication channel history and an explanation of TLS 1.3, its features, strengths and advantages. Special attention is given to the importance that this protocol will have in requirements such as trusted path (FTP_TRP) and Internal TOE transfer (FDP_ITT).