ESORICS 2021 in Darmstadt

Introduction to TLS 1.3

Prof. Dr. Juraj Somorovsky, Robert Merget

Paderborn University and University Bochum, Germany

Transport Layer Security (TLS) is arguably the most important cryptographic protocol. Whether web, email, phone calls, chat, or VPN - there is hardly a type of communication which cannot be secured using TLS. Due to its importance, the protocol became target of many famous attacks, such as CRIME, DROWN, Logjam, or padding oracles. In 2018, a new standard version was released - TLS 1.3. This version was introduced to prevent all the protocol attacks and make the communication more performant.

In this hands-on tutorial, we will give a short introduction to TLS 1.3 and explain how it works. Then, we will show how you can analyze TLS 1.3 with Wireshark and TLS-Attacker.

Virtual machine used in the tutorial


Prof. Dr. Juraj Somorovsky
is a security researcher at the Paderborn University and co-founder of Hackmanit GmbH. He is a co-author of several recent TLS attacks (e.g., DROWN, ROBOT, and RACCOON) and the main developer of a flexible tool for TLS analyses: TLS-Attacker ( Beyond TLS, he likes to break stuff in the areas of Web and crypto.

Robert Merget
is a PhD Student at the Chair for Network and Data security at Ruhr University Bochum. The focus of his research is TLS and the analysis of TLS implementations. He is also the maintainer of TLS-Attacker ( and TLS-Scanner (