This post has been republished via RSS; it originally appeared at: New blog articles in Microsoft Community Hub.
This blog post was created on March 9th, 2024.
Preface
According to the public document (TDS 8.0 - SQL Server | Microsoft Learn), Azure SQL Database now supports Tabular Data Stream (TDS) 8.0, which is compatible with Transport Layer Security (TLS) 1.3.
(The Tabular Data Stream (TDS) protocol is an application layer protocol used by clients to connect to SQL Server. SQL Server uses Transport Layer Security (TLS) to encrypt data that is transmitted across a network between an instance of SQL Server and a client application.)
The main difference between TLS 1.2 and TLS 1.3 is that TLS 1.3 reduces the number of round trips during the handshake phase from two to one, making it faster and more secure than TLS 1.2. The server hello packet containing the server certificate is encrypted, and one-round-trip-time (1-RTT) resumption is discontinued and replaced with 0-RTT resumption based on the client key share. The added security of TLS 1.3 comes from discontinuing certain ciphers and algorithms. (TLS 1.3 support - SQL Server | Microsoft Learn)
Let's take a look at the basic handshake flows of TLS 1.2 and TLS 1.3 from the official documents:
- RFC 5246: The Transport Layer Security (TLS) Protocol Version 1.2 (rfc-editor.org)
- RFC 8446 - The Transport Layer Security (TLS) Protocol Version 1.3 (ietf.org)
Unlike TLS 1.2, in TLS 1.3 all handshake messages after the ServerHello are encrypted.
Analyzing TLS 1.3 Handshake Network Packets with Wireshark
In our subsequent analysis, we will inspect the network trace captured during a connection to Azure SQL DB over TDS 8.0 (TLS 1.3).
Prerequisite
You have to use the latest SQL driver or SSMS 20 with 'encrypt=Strict' in the connection string to establish a TDS 8 connection over TLS 1.3:
- Microsoft ADO.NET for SQL Server and Azure SQL Database version 5.1 or higher
- ODBC Driver for SQL Server version 18.1.2.1 or higher
- OLE DB Driver for SQL Server version 19.2.0 or higher
- Microsoft JDBC Driver for SQL Server version 11.2.0 or higher
- Microsoft Drivers for PHP for SQL Server version 5.10 or higher
- Python SQL Driver - pyodbc
Here I use ODBC Driver 18 (18.3.2.1) for this decode demonstration.
I set the Connection Policy of the Azure SQL server to 'redirect' because it is unknown whether the Azure SQL gateway supports TLS 1.3, and the packets captured on a connection established through the gateway are not easily identifiable. The SQL Server instances running on the backend nodes do support TLS 1.3, so the TLS 1.3 handshake can be decoded properly.
Below, we present the network packets of the TLS 1.3 handshake as captured with Wireshark. Please note that Microsoft Network Monitor 3.4 is deprecated and may not recognize the TLS 1.3 protocol, so I would not recommend it for decoding TLS 1.3 handshakes.
#1 Client Hello
It may be unexpected to see TLS 1.2 in the version field of the ClientHello message (the legacy_version field); however, this is likely due to backward compatibility considerations, as some web servers on the Internet might not yet support TLS 1.3. This design choice is intentional, as outlined in RFC 8446.
In the Supported Versions field, TLS 1.3 is included, indicating that the client is capable of communicating over TLS 1.3. Additionally, key share information is present in the handshake, consistent with the message flow described for TLS 1.3.
#2 Server Hello
The server will send this message in response to a ClientHello message when it was able to find an acceptable set of algorithms.
In the ServerHello message, the server specifies the selected TLS version (TLS 1.3 in this case) and provides its key share information.
Following this exchange, both the client and the server possess all the information necessary for encryption, and subsequent messages will be encrypted.
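To make the two observations above concrete (the ClientHello that says "TLS 1.2" in its legacy_version field while offering TLS 1.3 in supported_versions, and the ServerHello that selects TLS 1.3 and returns a single key share), here is an added example, not code from the original post or from any Microsoft driver, that builds constructed ClientHello and ServerHello records and parses the same fields Wireshark displays. The byte values (random, key-exchange bytes, cipher suite) are constructed filler, not taken from the blog's capture; the field layouts and extension codes follow RFC 8446.

```python
import struct

# Constructed sample values (not from the blog's capture); the layouts follow RFC 8446.
TLS12, TLS13 = 0x0303, 0x0304
VERSION_NAMES = {0x0301: "TLS 1.0", 0x0302: "TLS 1.1", TLS12: "TLS 1.2", TLS13: "TLS 1.3"}
EXT_SUPPORTED_VERSIONS, EXT_KEY_SHARE = 43, 51           # ExtensionType codes from RFC 8446
GROUP_NAMES = {0x001D: "x25519", 0x0017: "secp256r1"}    # NamedGroup codes
CLIENT_HELLO, SERVER_HELLO = 1, 2                        # HandshakeType values


def _u16(n: int) -> bytes:
    return struct.pack(">H", n)


def _ext(ext_type: int, body: bytes) -> bytes:
    return _u16(ext_type) + _u16(len(body)) + body


def _record(handshake_type: int, body: bytes, record_version: int) -> bytes:
    """Wrap a hello body in the 4-byte handshake header and the 5-byte record header."""
    handshake = bytes([handshake_type]) + len(body).to_bytes(3, "big") + body
    return b"\x16" + _u16(record_version) + _u16(len(handshake)) + handshake


def build_client_hello(offer_tls13: bool = True) -> bytes:
    """Constructed ClientHello: legacy_version always says 1.2; the extensions say 1.3 (if offered)."""
    body = _u16(TLS12)                                   # legacy_version, fixed at 0x0303 by RFC 8446
    body += b"\x11" * 32                                 # random (constructed filler)
    body += b"\x00"                                      # legacy_session_id: empty
    body += _u16(2) + _u16(0x1301)                       # cipher_suites: TLS_AES_128_GCM_SHA256
    body += b"\x01\x00"                                  # legacy_compression_methods: null only
    exts = b""
    if offer_tls13:
        share = _u16(0x001D) + _u16(32) + b"\x22" * 32   # KeyShareEntry: x25519 + 32-byte public key (filler)
        exts += _ext(EXT_SUPPORTED_VERSIONS, b"\x04" + _u16(TLS13) + _u16(TLS12))
        exts += _ext(EXT_KEY_SHARE, _u16(len(share)) + share)  # client_shares has its own list length
    body += _u16(len(exts)) + exts
    return _record(CLIENT_HELLO, body, 0x0301)           # initial ClientHello records SHOULD carry 0x0301


def build_server_hello() -> bytes:
    """Constructed ServerHello: selects 1.3 in supported_versions and returns exactly one key share."""
    body = _u16(TLS12) + b"\x33" * 32 + b"\x00"          # legacy_version, random, empty session-id echo
    body += _u16(0x1301) + b"\x00"                       # chosen cipher suite, legacy_compression_method
    share = _u16(0x001D) + _u16(32) + b"\x44" * 32
    exts = _ext(EXT_SUPPORTED_VERSIONS, _u16(TLS13))     # ServerHello form: a single selected_version
    exts += _ext(EXT_KEY_SHARE, share)                   # ServerHello form: one KeyShareEntry, no list length
    body += _u16(len(exts)) + exts
    return _record(SERVER_HELLO, body, TLS12)


def parse_hello(record: bytes) -> dict:
    """Extract the version and key-share fields Wireshark shows for a ClientHello or ServerHello record."""
    if record[0] != 0x16:
        raise ValueError("not a handshake record")
    rec_len = struct.unpack_from(">H", record, 3)[0]
    hs = record[5:5 + rec_len]
    msg_type, body_len = hs[0], int.from_bytes(hs[1:4], "big")
    body = hs[4:4 + body_len]
    if len(body) != body_len or msg_type not in (CLIENT_HELLO, SERVER_HELLO):
        raise ValueError("truncated or unsupported handshake message")
    info = {"type": "ClientHello" if msg_type == CLIENT_HELLO else "ServerHello",
            "legacy_version": struct.unpack_from(">H", body, 0)[0],
            "supported_versions": [], "key_share_groups": []}
    pos = 34 + 1 + body[34]                              # skip random and legacy_session_id
    if msg_type == CLIENT_HELLO:
        cs_len = struct.unpack_from(">H", body, pos)[0]
        info["cipher_suites"] = [struct.unpack_from(">H", body, pos + 2 + i)[0] for i in range(0, cs_len, 2)]
        pos += 2 + cs_len
        pos += 1 + body[pos]                             # legacy_compression_methods
    else:
        info["cipher_suites"] = [struct.unpack_from(">H", body, pos)[0]]
        pos += 3                                         # cipher_suite + legacy_compression_method
    ext_total = struct.unpack_from(">H", body, pos)[0]
    pos, end = pos + 2, pos + 2 + ext_total
    while pos < end:
        ext_type, ext_len = struct.unpack_from(">HH", body, pos)
        data = body[pos + 4:pos + 4 + ext_len]
        pos += 4 + ext_len
        if ext_type == EXT_SUPPORTED_VERSIONS:
            # ClientHello carries a length-prefixed list; ServerHello carries one selected_version.
            raw = data[1:1 + data[0]] if msg_type == CLIENT_HELLO else data
            info["supported_versions"] = [struct.unpack_from(">H", raw, i)[0] for i in range(0, len(raw), 2)]
        elif ext_type == EXT_KEY_SHARE:
            entries = data[2:2 + struct.unpack_from(">H", data, 0)[0]] if msg_type == CLIENT_HELLO else data
            off = 0
            while off < len(entries):
                group, key_len = struct.unpack_from(">HH", entries, off)
                info["key_share_groups"].append(GROUP_NAMES.get(group, hex(group)))
                off += 4 + key_len
    return info


def effective_version(info: dict) -> str:
    """supported_versions overrides legacy_version; this is why a TLS 1.3 hello still shows 'TLS 1.2' up front."""
    versions = info["supported_versions"] or [info["legacy_version"]]
    return VERSION_NAMES.get(max(versions), hex(max(versions)))


if __name__ == "__main__":
    for rec in (build_client_hello(), build_server_hello(), build_client_hello(offer_tls13=False)):
        info = parse_hello(rec)
        print(info["type"], "legacy_version =", VERSION_NAMES[info["legacy_version"]],
              "-> effective", effective_version(info), "key shares:", info["key_share_groups"])
```

Running the script shows the point of the two packet sections: both hellos report legacy_version TLS 1.2, yet the effective version is TLS 1.3 because the supported_versions extension takes precedence, and the client key share arrives in the very first flight. The third, TLS 1.2-only ClientHello (no supported_versions, no key_share) resolves to TLS 1.2, which is also what a trace would show for a driver that does not request strict encryption.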
That concludes our brief overview of the handshake messages when establishing a connection to Azure SQL Database over TDS 8.0 (TLS 1.3).
We hope you find this information valuable.