Facebook Open sources library Fizz
Faceook has open sourced Fizz a library designed to help developers implement TLS 1.3 protocol with all recommended security and performance related configurations.
TLS 1.3 is the newest and most secure cryptographic protocol of the Transportation Layer Security (TLS), the successor to Secure Sockets Layer (SSL), which encrypts data in transit between clients and servers to prevent data theft or tampering.
To make internet traffic more secure, TLS 1.3 incorporates several new features like encrypting handshake messages to keep certificates private, redesigning the way secret keys are derived, and a zero round-trip (0-RTT) connection setup, making certain requests faster than TLS 1.2.
Facebook built Open Source Library Fizz to implement support for TLS 1.3, now the Fizz handles millions of TLS 1.3 handshakes every second. The social media giant said
“Fizz and TLS 1.3 globally in our mobile apps, Proxygen, our load balancers, our internal services, and even our QUIC library, mvfst.Fizz has reduced not only the latency but also the CPU utilization of services that perform trillions of requests a day.”
According to Facebook “Fizz provides two kinds of APIs to be able to handle rejection of early data, either transparently or by allowing the app to change the data it sends during retry.”
It is built with security in mind from the ground up, with secure abstractions, it delivers the reliability and performance of TLS 1.3.
Now more than 50% of the internet traffic is secured with TLS 1.3 and it continues to grows as browsers adopted support for TLS 1.3. Starting from version 61.0, by default Firefox 61 supports for the latest draft of TLS 1.3. Chrome 63 enables support for TLS 1.3.
Have something to say about this article? Comment below or share it with us on Facebook, Twitter or our LinkedIn Group.