Hacker News

Facebook Open Sources Fizz — TLS 1.3 Library For Speed and Security

facebook fizz tls 1.3 library

Facebook has open sourced Fizz—a library designed to help developers implement TLS 1.3 protocol with all recommended security and performance related configurations.

Since late last month, Google Chrome web browser has started marking all non-HTTPS websites as ‘Not Secure’ in an effort to make the web a more secure place, forcing website administrators to switch to HTTPS.

TLS 1.3 is the newest and most secure cryptographic protocol of the Transportation Layer Security (TLS), the successor to Secure Sockets Layer (SSL), which encrypts data in transit between clients and servers to prevent data theft or tampering.

To make internet traffic more secure, TLS 1.3 incorporates several new features like encrypting handshake messages to keep certificates private, redesigning the way secret keys are derived, and a zero round-trip (0-RTT) connection setup, making certain requests faster than TLS 1.2.

TLS 1.3 Library For Speed and Security

Written in C++ 14, Fizz is a reliable and highly performant TLS library that supports all major handshake modes, robust encryption algorithms, and performance optimizations aim to transfer data securely over 10 percent higher speed.

“With zero copy encryption and decryption, tight integration with other parts of our infrastructure, and other optimizations, we see a reduced usage of memory and CPU with Fizz,” Facebook says in a blog post announcing that it’s open sourcing the library.

“In addition to the enhancements that come with TLS 1.3, Fizz offers an improved solution for middlebox handshake failures, supports asynchronous I/O by default, and can handle scatter/gather I/O to eliminate the need for extra copies of data.”

Facebook has already replaced its older custom protocol, called Zero protocol, with Fizz which is now responsible for securing trillions of connections every day at Facebook.

The social media giant says it has “deployed Fizz and TLS 1.3 globally in our mobile apps, Proxygen, our load balancers, our internal services, and even our QUIC library, mvfst. More than 50 percent of our internet traffic is now secured with TLS 1.3.”

By open-sourcing Fizz, Facebook is sharing this technology with the world and helping drive deployments of the latest TLS 1.3 protocol across the Internet, making apps and services faster and more secure than ever.

Fizz is available on GitHub, and anyone can access and use it.

Similar Posts: