Synology: TLS 1.2 vs TLS 1.3

Synology TLS 1.2 vs TLS 1.3

Did you know DSM 7.0 will support the TLS 1.3 feature? This is great news and here is why. TLS 1.3 was released in 2018, and now, encrypted connections are more secure and faster than ever thanks to it. If you host a website from home on your Synology NAS with DSM 7.0 and you are using the SSL protocol, you will surely notice better speed in your website. DSM 7.0 preview will be released in Q3, that is, July-August-September 2020.

What is TLS?

TLS stands for Transport Layer Security and is the successor to SSL (Secure Sockets Layer). TLS provides secure communication between web browsers and servers. The connection itself is secure because symmetric cryptography is used to encrypt the data transmitted. The keys are uniquely generated for each connection and are based on a shared secret negotiated at the beginning of the session, also known as a TLS handshake.

Many IP-based protocols, such as HTTPS, SMTP, POP3, FTP support TLS to encrypt data. Web browsers like Chrome, Edge, Firefox, Safari and others utilize an SSL certificate which allows them to recognize that it belongs to a digitally signed certificate authority. So the let’s encrypt certificate will be run faster than ever on your Synology NAS. TLS and encrypted connections have always added a slight overhead when it comes to web performance. HTTP/2 definitely helped with this problem, but TLS 1.3 helps speed up encrypted connections even more with features such as TLS false start and Zero Round Trip Time (0-RTT).

As you can see in the image below, is currently hosted on a Synology NAS DS718+ with DSM 6.2.3-25426 and uses the TLS 1.2 Protocol.

mariushosting SSL 1.2

To put it simply, with TLS 1.2, two round-trips have been needed to complete the TLS handshake. With TLS 1.3, only one round-trip is required, which in turn cuts the encryption latency in half. This helps those encrypted connections feel just a little bit snappier than before. In the image below you can get an idea of the difference between TLS 1.2 and TLS 1.3 on your Synology NAS Diskstation.

Synology TLS 1.3 Handshake

This post was updated on