s2n

s2n
Developer(s)	Amazon Security Labs
Written in	C99
Operating system	Cross-platform
Type	Security library
License	Apache License 2.0
Website	github.com/awslabs/s2n

s2n is an open-source implementation of the Transport Layer Security (TLS) protocol; the name comes from the signal-to-noise ratio.^[1]

It is developed by the Amazon Security Labs as a way to provide some code that would be easier to review than OpenSSL.^[1] It has been released on June 30, 2015 on GitHub.^[2]

The code of s2n is about 6,000 lines long, compared to the 500,000 lines of OpenSSL. It has already been the subject of several external reviews as well as penetration testing.^[1] It makes a strong focus on usability and simplicity.^[2]

Features

TLS extensions

Common TLS extensions supported by this software are Server Name Indication, Application-Layer Protocol Negotiation and Online Certificate Status Protocol.

Cryptography

s2n support the main ciphers in use today, such as AES in CBC and GCM modes, 3DES and RC4. It also provides support for perfect forward secrecy through Diffie–Hellman or Elliptic curve Diffie–Hellman ephemeral keys.

The weaker ciphers and key exchange modes are disabled by default.^[2]

Language Bindings

LuaJIT 2.0 binding

References

1 2 3 Stephen Schmidt, Introducing s2n, a New Open Source TLS Implementation, on the Amazon Security Blog
1 2 3 s2n : an implementation of the TLS/SSL protocols, on GitHub

This article is issued from Wikipedia. The text is licensed under Creative Commons - Attribution - Sharealike. Additional terms may apply for the media files.

[s2n-blog-annoucement-1] 1 2 3 Stephen Schmidt, Introducing s2n, a New Open Source TLS Implementation, on the Amazon Security Blog

[s2n-github-2] 1 2 3 s2n : an implementation of the TLS/SSL protocols, on GitHub