MatrixSSL

Last updated
MatrixSSL
Developer(s) Rambus
Initial releaseJanuary 25, 2004 (2004-01-25)
Stable release
4.3.0 [1] / 31 July 2020;4 months ago (31 July 2020)
Repository OOjs UI icon edit-ltr-progressive.svg
Written in C
Operating system Multi-platform
Type Security library
License dual GPLv2 or proprietary
Website www.matrixssl.org

MatrixSSL is an open-source TLS/SSL implementation designed for custom applications in embedded hardware environments. [2] [3] [4]

Contents

The MatrixSSL library contains a full cryptographic software module that includes industry-standard public key and symmetric key algorithms. It is now called the Inside Secure TLS Toolkit. [5]

Features

Features: [6]

Major Releases

Version [7] Date
4.0.0Sep 2018
3.9.0Mar 2017
3.8.3Apr 2016
3.7.1Dec 2014
3.6Apr 2014
3.4Jan 2013
3.3Feb 2012
3.2Jun 2011
3.1Mar 2010
3.0Aug 2009
2.2Jan 2008
2.1Nov 2005
1.7Apr 2005
1.1May 2004
1.0Jan 2004

See also

Related Research Articles

Transport Layer Security (TLS), and its now-deprecated predecessor, Secure Sockets Layer (SSL), are cryptographic protocols designed to provide communications security over a computer network. Several versions of the protocols are widely used in applications such as web browsing, email, instant messaging, and voice over IP (VoIP). Websites can use TLS to secure all communications between their servers and web browsers.

In cryptography, the Elliptic Curve Digital Signature Algorithm (ECDSA) offers a variant of the Digital Signature Algorithm (DSA) which uses elliptic curve cryptography.

In cryptography, Camellia is a symmetric key block cipher with a block size of 128 bits and key sizes of 128, 192 and 256 bits. It was jointly developed by Mitsubishi Electric and NTT of Japan. The cipher has been approved for use by the ISO/IEC, the European Union's NESSIE project and the Japanese CRYPTREC project. The cipher has security levels and processing abilities comparable to the Advanced Encryption Standard.

CRYPTREC is the Cryptography Research and Evaluation Committees set up by the Japanese Government to evaluate and recommend cryptographic techniques for government and industrial use. It is comparable in many respects to the European Union's NESSIE project and to the Advanced Encryption Standard process run by National Institute of Standards and Technology in the U.S..

NSA Suite B Cryptography was a set of cryptographic algorithms promulgated by the National Security Agency as part of its Cryptographic Modernization Program. It was to serve as an interoperable cryptographic base for both unclassified information and most classified information.

ECRYPT was a 4-year European research initiative launched on 1 February 2004 with the stated objective of promoting the collaboration of European researchers in information security, and especially in cryptology and digital watermarking.

Strong cryptography or cryptographic-ally strong are general terms applied to cryptographic systems or components that are considered highly resistant to cryptanalysis.

In computing, Network Security Services (NSS) comprises a set of libraries designed to support cross-platform development of security-enabled client and server applications with optional support for hardware TLS/SSL acceleration on the server side and hardware smart cards on the client side. NSS provides a complete open-source implementation of cryptographic libraries supporting Transport Layer Security (TLS) / Secure Sockets Layer (SSL) and S/MIME. Previously tri-licensed under the Mozilla Public License 1.1, the GNU General Public License, and the GNU Lesser General Public License, NSS upgraded to GPL-compatible MPL 2.0 with release 3.14.

Transport Layer Security pre-shared key ciphersuites (TLS-PSK) is a set of cryptographic protocols that provide secure communication based on pre-shared keys (PSKs). These pre-shared keys are symmetric keys shared in advance among the communicating parties.

The following outline is provided as an overview of and topical guide to cryptography:

There are various implementations of the Advanced Encryption Standard, also known as Rijndael.

A cipher suite is a set of algorithms that help secure a network connection that uses Transport Layer Security (TLS) or its now-deprecated predecessor Secure Socket Layer (SSL). The set of algorithms that cipher suites usually contain include: a key exchange algorithm, a bulk encryption algorithm, and a message authentication code (MAC) algorithm.

Mbed TLS is an implementation of the TLS and SSL protocols and the respective cryptographic algorithms and support code required. It is dual-licensed with the Apache License version 2.0. Stated on the website is that Mbed TLS aims to be "easy to understand, use, integrate and expand".

wolfSSL is a small, portable, embedded SSL/TLS library targeted for use by embedded systems developers. It is an open source implementation of TLS written in the C programming language. It includes SSL/TLS client libraries and an SSL/TLS server implementation as well as support for multiple APIs, including those defined by SSL and TLS. wolfSSL also includes an OpenSSL compatibility interface with the most commonly used OpenSSL functions.

The Transport Layer Security (TLS) protocol provides the ability to secure communications across networks. This comparison of TLS implementations compares several of the most notable libraries. There are several TLS implementations which are free software and open source.

Nettle is a cryptographic library designed to fit easily in a wide range of toolkits and applications. It began as a collection of low-level cryptography functions from lsh in 2001. Since June 2009 Nettle is a GNU package.

Application-Layer Protocol Negotiation (ALPN) is a Transport Layer Security (TLS) extension that allows the application layer to negotiate which protocol should be performed over a secure connection in a manner that avoids additional round trips and which is independent of the application-layer protocols. It is needed by secure HTTP/2 connections, which improves the compression of web pages and reduces their latency compared to HTTP/1.x. The ALPN and HTTP/2 standards emerged from development work done by Google on the now withdrawn SPDY protocol.

RSA BSAFE is a FIPS 140-2 validated cryptography library, available in both C and Java, offered by RSA Security. It was one of the most common ones before the RSA patent expired in September 2000. It also contained implementations of the RCx ciphers, with the most common one being RC4. From 2004 to 2013 the default random number generator in the library was a NIST-approved RNG standard, widely known to be insecure from at least 2006, withdrawn in 2014, suspected to contain an alleged kleptographic backdoor from the American National Security Agency (NSA), as part of its secret Bullrun program.

wolfSSH is a small, portable, embedded SSH library targeted for use by embedded systems developers. It is an open-source implementation of SSH written in the C language. It includes SSH client libraries and an SSH server implementation. It allows for password and public key authentication.

This article discusses the security of the Transport Layer Security (TLS) internet protocol.

References

  1. "Release 4.3.0". 31 July 2020. Retrieved 21 October 2020.
  2. "Evaluating PeerSec Networks' MatrixSSL on a Stellaris® Microcontroller" (PDF). Texas Instruments. 2009-06-24. Retrieved 2014-08-13.[ permanent dead link ]
  3. Eronen, Pasi (2006-11-09). "TLS Record Layer Bugs". IETF67 TLS WG. Retrieved 2014-08-13.
  4. Young, Craig (2016-10-10). "Flawed MatrixSSL Code Highlights Need for Better IoT Update Practices". tripwire.com. Tripwire, Inc. Retrieved 2017-11-17.
  5. "Inside Secure TLS Toolkit" . Retrieved 2020-06-30.
  6. "MatrixSSL Documentation". Archived from the original on 2014-08-14. Retrieved 2014-08-13.
  7. "MatrixSSL Release Notes".