Facebook introduced a library called Fizz, specially released for the recent update of TLS under the number 1.3. Fizz is a library that accelerates the deployment of TLS 1.3 over the Internet and increases the speed and security of applications and services.
- Asynchronous I / O supported by default
- Improved collection / spread of input / output required from copies of data.
- Delays and loadings of service processors are reduced, which process trillions of requests per day.
- Data is divided into "pieces" and encrypted.
Fizz and TLS 1.3 are globally applied in mobile Proxygen applications, in load balancers, in internal services and the QUIC library, mvfst. Currently, Facebook protects more than 50% of its traffic using Transport Layer Security. Applications that use Fizz perform fewer memory and copy allocations.
In TLS 1.3, the concept of "early data" (zero data, or data from 0-RTT) was introduced, which helped to reduce the waiting time. According to ITEF, it does this without waiting for the TLS acknowledgment. However, this concept can be unsafe, so Fizz includes an API that helps to get rid of shortcomings.
In addition, Fizz provides two types of APIs that can handle the rejection of "early data": transparently or allowing the application to modify the information sent repeatedly.