Facebook Open Sources Fizz a TLS v1.3 Library

TLS v 1.3 is the latest and most secure version of the Transportation Layer Security cryptographic protocol (TLS). To improve security, TLS v 1.3 implemented a number of new features, such as encrypted messages so that certificates remain private; The method of delivery of secret keys has been redesigned; and also the concept of early or zero data, 0-RTT connection setup becomes faster.

Technically the new TLS version is providing many enhancements but moving to this protocol is slow and this can be for several reasons like for example the browser is not having this protocol due to not updating the system or the web server itself is still enabling only previous TLS versions. By looking at some statistics and according to Cloudflare  in December 2017 only 0.6% of traffic was protected by TLS 1.3.

In step to improve the TLS v1.3 usage Facebook open sourced Fizz library which is a high-speed TLS library that supports all the innovations of TLS 1.3. Initially, Fizz was created as an internal tool for Facebook developers. Facebook representatives say that currently Fizz and TLS 1.3 are widely used in mobile applications, Proxygen, internal services, load balancers and QUIC library mvfst. As a result, more than 50% of Facebook traffic is already protected by TLS 1.3.

Fizz library Facebook

Fizz library Facebook

Currently the source code for Fizz has been published on GitHub.

Notify of
Inline Feedbacks
View all comments