Rustls

Last updated

Rustls
Developer(s) Joe Birr-Pixton, Dirkjan Ochtman, Daniel McCarney, Josh Aas [1]
Initial release2016
Stable release v0.23.12 (July 23, 2024;40 days ago (2024-07-23) [2] ) [±]
Written in Rust
Operating system Cross-platform
Type Security library
License Apache 2.0, MIT, ISC [1]
Website github.com/rustls

Rustls (pronounced "rustles" [3] ) is an open-source implementation of the Transport Layer Security (TLS) cryptographic protocol written in the Rust programming language. TLS is essential to internet security, and Rustls aims to enable secure, fast TLS connections. Rustls uses Rust's enforcement of memory safety to reduce the risk of security vulnerabilities. It is part of efforts to improve internet security by replacing memory-unsafe software libraries, such as OpenSSL, with memory-safe alternatives.

Contents

Team and funding

Joe Birr-Pixton started Rustls in 2016 and remains the lead developer as of 2024. [1] The Internet Security Research Group (ISRG), a nonprofit organization based in the United States, has sponsored the project since 2021 as part of its Prossimo initiative. [4] [5] ISRG aims to make Rustls a viable alternative to OpenSSL, which is widely used by internet servers but difficult to use correctly and has had security bugs, such as Heartbleed, caused by memory-unsafe code. [4] [6]

ISRG has paid several programmers to work on Rustls, including Birr-Pixton, Daniel McCarney, and Dirkjan Ochtman, using money contributed by Google and other companies and organizations. [4] [7] In 2023, the Open Source Security Foundation's Alpha-Omega initiative gave ISRG $530,000 for development of the option to use different cryptographic backends and for the separate project Rust for Linux. [8] That money came from Google, Amazon Web Services, and Microsoft. [9] Amazon Web Services also gave ISRG $1 million in 2023 for memory-safety projects including Rustls. [10] The Sovereign Tech Fund, supported by the German government, gave $1.5 million to ISRG in 2023 for work on Rustls and other projects that provide memory-safe versions of open source tools critical to internet security. [11] [12] Additional funding has come from Fly.io, [13] a cloud platform that uses Rustls. [14]

The United States Office of the National Cyber Director has encouraged work on memory-safe security software [15] and complimented the Rustls team. [13] Google awarded Open Source Peer Bonuses to Birr-Pixton and Ochtman for their work on Rustls. [16]

Architecture and features

Rustls is a low-level software library focused on TLS implementation. [17] This means it does not support other internet protocols by itself, such as HTTPS, but software that implements other protocols may use Rustls as a component. [17]

By default Rustls uses cryptographic primitives from Amazon Web Services Libcrypto for Rust (aws-lc-rs), which supports Federal Information Processing Standards (FIPS). [18] Rustls allows using alternative cryptographic libraries instead of aws-lc-rs, such as ring. [18] The project has experimental support for post-quantum cryptography: a key exchange method with a special key encapsulation mechanism (Kyber). [19]

Rustls uses its own fork of the webpki library to verify public key infrastructure certificates, a step in the TLS handshake. [3] [20] Rustls supports Server Name Indication (SNI), which allows a web server to serve multiple HTTPS websites at the same IP address with different certificates. [21] It also supports TLS certificates that contain IP addresses instead of domain names. [22]

C programs can use Rustls through a foreign function interface API, rustls-ffi. [3] [6] For example, cURL is a popular tool written in C, and it allows using Rustls through rustls-ffi. [23] [24] Rustls also has an OpenSSL compatibility layer that allows configuring the widely-used Nginx web server to use Rustls instead of OpenSSL. [13] [25]

Rustls is available under multiple free software licenses: Apache 2.0, MIT, and ISC. [1]

Evaluations

In 2020, the Cloud Native Computing Foundation funded a security audit of Rustls and two Rust libraries it used, ring and webpki, with positive results. [26]

In 2019, benchmarks carried out by the Rustls developer showed better performance than OpenSSL. [27] In 2024 the project conducted new performance comparisons with the latest version of OpenSSL, which showed some scenarios where Rustls was faster or more efficient and some where OpenSSL performed better. [28]

Uses

Like other TLS implementations, a computer user may use Rustls without being aware of it, as an underlying part of an application or website. A programmer can use Rustls directly or by configuring a higher-level library or tool to use it. In particular, Rustls is used by some projects that want to ensure they have a secure software supply chain. [29]

Some libraries support Rustls as one of several choices for TLS implementations. The reqwest HTTP client library offers the option to use Rustls for TLS instead of the system's default TLS library (for example, on Windows the default is the Security Support Provider Interface). [30] [31] In 2020 an ISRG software engineer enabled using Rustls as a TLS backend for cURL. [32] [33] s2n-quic, an implementation of the QUIC network protocol in Rust, supports both Rustls and s2n-tls for TLS. [34]

In 2021 Google funded the creation of mod_tls, a new TLS module for Apache HTTP Server using Rustls. [35] [36] The new module is intended to be a successor to the mod_ssl module that uses OpenSSL, as a more secure default. [35] [36] As of August 2024, mod_tls is available in the latest version of Apache but still marked as experimental. [37] The Internet Society, a nonprofit that advocates for an open and secure internet, suggests that organizations use this module as a step toward increasing memory safety. [38]

Rustls is the default TLS implementation in some applications. The utility program cargo_audit, which checks Rust project dependencies for security vulnerabilities, uses Rustls. [39] Linkerd, which "adds security, observability, and reliability to any Kubernetes cluster", includes a proxy server built with Rustls. [40] Wolfi, a tool for making memory-safe Linux containers, uses Rustls. [41] [42] In 2024, ISRG announced plans to start replacing OpenSSL with Rustls in Let's Encrypt, their free certificate authority used by hundreds of millions of websites. [13] [43]

See also

Related Research Articles

<span class="mw-page-title-main">HTTPS</span> Extension of the HTTP communications protocol to support TLS encryption

Hypertext Transfer Protocol Secure (HTTPS) is an extension of the Hypertext Transfer Protocol (HTTP). It uses encryption for secure communication over a computer network, and is widely used on the Internet. In HTTPS, the communication protocol is encrypted using Transport Layer Security (TLS) or, formerly, Secure Sockets Layer (SSL). The protocol is therefore also referred to as HTTP over TLS, or HTTP over SSL.

Transport Layer Security (TLS) is a cryptographic protocol designed to provide communications security over a computer network. The protocol is widely used in applications such as email, instant messaging, and voice over IP, but its use in securing HTTPS remains the most publicly visible.

<span class="mw-page-title-main">OpenSSL</span> Open-source implementation of the SSL and TLS protocols

OpenSSL is a software library for applications that provide secure communications over computer networks against eavesdropping, and identify the party at the other end. It is widely used by Internet servers, including the majority of HTTPS websites.

cURL is a computer software project providing a library (libcurl) and command-line tool (curl) for transferring data using various network protocols. The name stands for "Client for URL".

The Online Certificate Status Protocol (OCSP) is an Internet protocol used for obtaining the revocation status of an X.509 digital certificate. It is described in RFC 6960 and is on the Internet standards track. It was created as an alternative to certificate revocation lists (CRL), specifically addressing certain problems associated with using CRLs in a public key infrastructure (PKI). Messages communicated via OCSP are encoded in ASN.1 and are usually communicated over HTTP. The "request/response" nature of these messages leads to OCSP servers being termed OCSP responders.

Datagram Transport Layer Security (DTLS) is a communications protocol providing security to datagram-based applications by allowing them to communicate in a way designed to prevent eavesdropping, tampering, or message forgery. The DTLS protocol is based on the stream-oriented Transport Layer Security (TLS) protocol and is intended to provide similar security guarantees. The DTLS protocol datagram preserves the semantics of the underlying transport—the application does not suffer from the delays associated with stream protocols, but because it uses UDP or SCTP, the application has to deal with packet reordering, loss of datagram and data larger than the size of a datagram network packet. Because DTLS uses UDP or SCTP rather than TCP, it avoids the "TCP meltdown problem", when being used to create a VPN tunnel.

Web server software allows computers to act as web servers. The first web servers supported only static files, such as HTML, but now they commonly allow embedding of server side applications.

SSLeay is an open-source SSL implementation. It was developed by Eric Andrew Young and Tim J. Hudson as an SSL 3.0 implementation using RC2 and RC4 encryption. The recommended pronunciation is to say each letter s-s-l-e-a-y and was first developed by Eric A. Young ("eay"). SSLeay also included an implementation of the DES from earlier work by Eric Young which was believed to be the first open-source implementation of DES. Development of SSLeay unofficially mostly ended, and volunteers forked the project under the OpenSSL banner around December 1998, when Hudson and Young both commenced working for RSA Security in Australia.

<span class="mw-page-title-main">Network Security Services</span> Collection of cryptographic computer libraries

Network Security Services (NSS) is a collection of cryptographic computer libraries designed to support cross-platform development of security-enabled client and server applications with optional support for hardware TLS/SSL acceleration on the server side and hardware smart cards on the client side. NSS provides a complete open-source implementation of cryptographic libraries supporting Transport Layer Security (TLS) / Secure Sockets Layer (SSL) and S/MIME. NSS releases prior to version 3.14 are tri-licensed under the Mozilla Public License 1.1, the GNU General Public License, and the GNU Lesser General Public License. Since release 3.14, NSS releases are licensed under GPL-compatible Mozilla Public License 2.0.

Hiawatha was a free and open source cross-platform web server developed by Hugo Leisink.

Server Name Indication (SNI) is an extension to the Transport Layer Security (TLS) computer networking protocol by which a client indicates which hostname it is attempting to connect to at the start of the handshaking process. The extension allows a server to present one of multiple possible certificates on the same IP address and TCP port number and hence allows multiple secure (HTTPS) websites to be served by the same IP address without requiring all those sites to use the same certificate. It is the conceptual equivalent to HTTP/1.1 name-based virtual hosting, but for HTTPS. This also allows a proxy to forward client traffic to the right server during TLS/SSL handshake. The desired hostname is not encrypted in the original SNI extension, so an eavesdropper can see which site is being requested. The SNI extension was specified in 2003 in RFC 3546

mod_ssl is an optional module for the Apache HTTP Server. It provides strong cryptography for the Apache v1.3 and v2 webserver via the Secure Sockets Layer and Transport Layer Security cryptographic protocols by the help of the Open Source SSL/TLS toolkit OpenSSL.

Mbed TLS is an implementation of the TLS and SSL protocols and the respective cryptographic algorithms and support code required. It is distributed under the Apache License version 2.0. Stated on the website is that Mbed TLS aims to be "easy to understand, use, integrate and expand".

wolfSSL is a small, portable, embedded SSL/TLS library targeted for use by embedded systems developers. It is an open source implementation of TLS written in the C programming language. It includes SSL/TLS client libraries and an SSL/TLS server implementation as well as support for multiple APIs, including those defined by SSL and TLS. wolfSSL also includes an OpenSSL compatibility interface with the most commonly used OpenSSL functions.

The Transport Layer Security (TLS) protocol provides the ability to secure communications across or inside networks. This comparison of TLS implementations compares several of the most notable libraries. There are several TLS implementations which are free software and open source.

<span class="mw-page-title-main">RIOT (operating system)</span> Real-time operating system

RIOT is a small operating system for networked, memory-constrained systems with a focus on low-power wireless Internet of things (IoT) devices. It is open-source software, released under the GNU Lesser General Public License (LGPL).

Let's Encrypt is a non-profit certificate authority run by Internet Security Research Group (ISRG) that provides X.509 certificates for Transport Layer Security (TLS) encryption at no charge. It is the world's largest certificate authority, used by more than 300 million websites, with the goal of all websites being secure and using HTTPS. The Internet Security Research Group (ISRG), the provider of the service, is a public benefit organization. Major sponsors include the Electronic Frontier Foundation (EFF), the Mozilla Foundation, OVH, Cisco Systems, Facebook, Google Chrome, Internet Society, AWS, NGINX, and Bill and Melinda Gates Foundation. Other partners include the certificate authority IdenTrust, the University of Michigan (U-M), and the Linux Foundation.

The Internet Security Research Group (ISRG) is a public-benefit non-profit corporation based in California which focuses on Internet security. The group is known for hosting and running the Let's Encrypt service, which aims to make Transport Layer Security (TLS) certificates available for free in an automated fashion. Josh Aas serves as the group's executive director.

<span class="mw-page-title-main">Automatic Certificate Management Environment</span> Protocol to manage public key certificates

The Automatic Certificate Management Environment (ACME) protocol is a communications protocol for automating interactions between certificate authorities and their users' servers, allowing the automated deployment of public key infrastructure at very low cost. It was designed by the Internet Security Research Group (ISRG) for their Let's Encrypt service.

s2n Open-source implementation of TLS

s2n-tls, originally named s2n, is an open-source C99 implementation of the Transport Layer Security (TLS) protocol developed by Amazon Web Services (AWS) and initially released in 2015. The goal was to make the code—about 6,000 lines long—easier to review than that of OpenSSL—with 500,000 lines, 70,000 of which are involved in processing TLS.

References

  1. 1 2 3 4 "Rustls README". GitHub . July 30, 2024. Retrieved August 20, 2024.
  2. "rustls/rustls releases". Github. Retrieved August 28, 2024.
  3. 1 2 3 Edge, Jake (May 4, 2021). "Rustls: memory safety for TLS". LWN.net . Retrieved August 20, 2024.
  4. 1 2 3 Melanson, Mike (April 23, 2021). "Rustls Looks to Provide a Memory-Safe Replacement for OpenSSL". The New Stack. Insight Partners . Retrieved August 20, 2024.
  5. Aas, Josh (April 20, 2021). "Preparing Rustls for Wider Adoption". Prossimo. Internet Safety Research Group. Retrieved August 20, 2024.
  6. 1 2 Vaughan-Nichols, Steven J. (November 2, 2021). "Prossimo: Making the Internet Memory Safe". The New Stack. Insight Partners . Retrieved August 20, 2024.
  7. "Rustls". Prossimo. Internet Safety Research Group. Retrieved August 21, 2024.
  8. Gran, Sarah (September 18, 2023). "Advancing Rustls and Rust for Linux with OpenSSF Support". Open Source Security Foundation (OpenSSF). Linux Foundation . Retrieved August 20, 2024.
  9. "Comment from Amazon Web Services (Re: Open-Source Software Security RFI Response, Amazon Web Services)". Regulations.gov. November 8, 2023. Retrieved August 22, 2024.
  10. Aas, Josh (May 11, 2023). "AWS commits $1M to bring memory safety to critical parts of the Web". Prossimo. Internet Safety Research Group. Retrieved August 22, 2024.
  11. Gran, Sarah (July 11, 2023). "$1.5M from Sovereign Tech Fund to Fuel Memory Safety". Internet Security Research Group. Retrieved August 20, 2024.
  12. Tarakiyee, Tara (May 22, 2024). "On Rust, Memory Safety, and Open Source Infrastructure". Sovereign Tech Fund. Retrieved August 20, 2024.
  13. 1 2 3 4 Aas, Josh (May 8, 2024). "Rustls Gains OpenSSL and Nginx Compatibility". Prossimo. Internet Security Research Group. Retrieved August 20, 2024.
  14. "Healthcare apps on Fly". Fly. Retrieved August 22, 2024.
  15. Wang, Dana; Arasaratnam, Omkhar (February 26, 2024). "OpenSSF Supports White House's Efforts to Build More Secure and Measurable Software". Open Source Security Foundation (OpenSSF). Linux Foundation . Retrieved August 22, 2024.
  16. Tabak, Maria (March 22, 2022). "Rewarding Rust contributors with Peer Bonuses". Google Open Source Blog. Retrieved August 22, 2024.
  17. 1 2 "Crate rustls". Docs.rs. Retrieved August 21, 2024.
  18. 1 2 Aas, Josh (February 29, 2024). "Rustls Now Using AWS Libcrypto for Rust, Gains FIPS Support". Prossimo. Internet Security Research Group. Retrieved August 20, 2024.
  19. Aas, Josh (March 26, 2024). "The Rustls TLS Library Adds Post-Quantum Key Exchange Support". Prossimo. Internet Security Research Group. Retrieved August 21, 2024.
  20. "Rustls webpki README". GitHub. September 18, 2023. Retrieved August 22, 2024.
  21. "ServerName in rustls::pki_types". Docs.rs. Retrieved August 21, 2024.
  22. Aas, Josh (March 29, 2023). "Rustls 0.21.0 Released With Exciting New Features". Prossimo. Internet Security Research Group. Retrieved August 22, 2024.
  23. Stenberg, Daniel (February 9, 2021). "curl supports rustls". daniel.haxx.se. Retrieved August 21, 2024.
  24. "TLS libraries". everything curl. Retrieved August 22, 2024.
  25. Larabel, Michael (May 11, 2024). "Rustls Can Now Work With Nginx Via New OpenSSL Compatibility Layer". Phoronix . Retrieved August 21, 2024.
  26. Birr-Pixton, Joseph (June 14, 2010). "Third-party audit of rustls". jbp.io. Retrieved August 22, 2024.
  27. Cimpanu, Catalin (July 19, 2019). "A Rust-based TLS library outperformed OpenSSL in almost every category". ZDNET. Retrieved August 20, 2024.
  28. Ochagavía, Adolfo (January 4, 2024). "Securing the Web: Rustls on track to outperform OpenSSL". Prossimo. Internet Security Research Group. Retrieved August 20, 2024.
  29. Lorenc, Dan; Conill, Ariadne (January 24, 2023). "Building the first memory safe distro". Chainguard. Retrieved August 20, 2024.
  30. Palmieri, Luca (March 14, 2022). Zero to Production In Rust: An introduction to backend development in Rust. Luca Palmieri. p. 214. ISBN   979-8-8472-1143-7.
  31. "RustLS". The Goose Book. Retrieved August 21, 2024.
  32. Aas, Josh (October 9, 2020). "Memory Safe 'curl' for a More Secure Internet". Internet Security Research Group. Retrieved August 20, 2024.
  33. De Simone, Sergio (October 25, 2020). "Rust Hyper HTTP Library Will Contribute to Make Curl Safer". InfoQ. Retrieved August 20, 2024.
  34. Kampanakis, Panos (February 17, 2022). "Introducing s2n-quic, a new open-source QUIC protocol implementation in Rust". AWS Security Blog. Retrieved August 22, 2024.
  35. 1 2 Cimpanu, Catalin (February 2, 2021). "Google funds project to secure Apache web server with new Rust component". ZDNET. Retrieved August 20, 2024.
  36. 1 2 Eissing, Stefan (March 1, 2022). "Bringing Memory Safe TLS to Apache httpd". Prossimo. Internet Security Research Group. Retrieved August 20, 2024.
  37. "Apache HTTP Server Version 2.4: Apache Module mod_tls". Apache HTTP Server Project. Apache Software Foundation . Retrieved August 22, 2024.
  38. "How to Talk to Your Manager About Memory Safety". Internet Society . October 10, 2023. Retrieved August 22, 2024.
  39. Davidoff, Sergey "Shnatsel" (September 4, 2023). "Keeping Rust projects secure with cargo-audit 0.18: performance, compatibility and security improvements". Inside Rust Blog. Retrieved August 21, 2024.
  40. Weisman, Eliza (July 23, 2020). "Under the hood of Linkerd's state-of-the-art Rust proxy, Linkerd2-proxy". Linkerd. Cloud Native Computing Foundation . Retrieved August 20, 2024.
  41. Lewkowicz, Jakub (September 29, 2023). "SD Times Open-Source Project of the Week: Wolfi". SD Times. Retrieved August 20, 2024.
  42. Claburn, Thomas (January 26, 2023). "Memory safety is the new black, fashionable and fit for any occasion: Calls to avoid C/C++ and embrace Rust grow louder". The Register . Retrieved August 20, 2024.
  43. Aas, Josh (June 24, 2024). "More Memory Safety for Let's Encrypt: Deploying ntpd-rs". Let's Encrypt. Internet Security Research Group. Retrieved August 21, 2024.
This page is based on this Wikipedia article
Text is available under the CC BY-SA 4.0 license; additional terms may apply.
Images, videos and audio are available under their respective licenses.