SSLeay

Last updated
SSLeay
Original author(s) Eric Andrew Young, Tim J. Hudson
Initial release1995?
Type Secure Sockets Layer 3.0 implementation
License SSLeay License

SSLeay is an open-source SSL implementation. It was developed by Eric Andrew Young [1] and Tim J. Hudson as an SSL 3.0 implementation using RC2 and RC4 encryption. [2] The recommended pronunciation is to say each letter s-s-l-e-a-y and was first developed by Eric A. Young ("eay"). [3] SSLeay also included an implementation of the DES from earlier work by Eric Young which was believed to be the first open-source implementation of DES. Development of SSLeay unofficially mostly ended, and volunteers forked the project under the OpenSSL banner around December 1998, when Hudson and Young both commenced working for RSA Security in Australia.

Contents

SSLeay

SSLeay was developed by Eric A. Young, starting in 1995. Windows support was added by Tim J. Hudson. Patches to open source applications to support SSL using SSLeay were produced by Tim Hudson. Development by Young and Hudson ceased in 1998. The SSLeay library and codebase is licensed under its own SSLeay License, a form of free software license. [2] [3] [4] The SSLeay License is a BSD-style open-source license, almost identical to a four-clause BSD license. [5]

SSLeay supports X.509v3 certificates and PKCS#10 certificate requests. [6] It supports SSL2 and SSL3. [7] Also supported is TLSv1. [8]

The first secure FTP implementation was created under BSD using SSLeay by Tim Hudson. [1]

The first open source Certifying Authority implementation was created with CGI scripts using SSLeay by Clifford Heath.

Forks

OpenSSL is a fork and successor project to SSLeay and has a similar interface to it. [3] [9] After Young and Hudson joined RSA Corporation, volunteers forked SSLeay and continued development as OpenSSL. [2]

BSAFE SSL-C is a fork of SSLeay developed by Eric A. Young and Tim J. Hudson for RSA Corporation. It was released as part of BSAFE SSL-C. [2] [10]

Related Research Articles

<span class="mw-page-title-main">Apache HTTP Server</span> Open-source web server software

The Apache HTTP Server is a free and open-source cross-platform web server software, released under the terms of Apache License 2.0. It is developed and maintained by a community of developers under the auspices of the Apache Software Foundation.

The Secure Shell Protocol (SSH) is a cryptographic network protocol for operating network services securely over an unsecured network. Its most notable applications are remote login and command-line execution.

<span class="mw-page-title-main">OpenSSL</span> Open-source implementation of the SSL and TLS protocols

OpenSSL is a software library for applications that provide secure communications over computer networks against eavesdropping, and identify the party at the other end. It is widely used by Internet servers, including the majority of HTTPS websites.

In cryptography, Camellia is a symmetric key block cipher with a block size of 128 bits and key sizes of 128, 192 and 256 bits. It was jointly developed by Mitsubishi Electric and NTT of Japan. The cipher has been approved for use by the ISO/IEC, the European Union's NESSIE project and the Japanese CRYPTREC project. The cipher has security levels and processing abilities comparable to the Advanced Encryption Standard.

<span class="mw-page-title-main">FileZilla</span> Free software, cross-platform file transfer protocol application

FileZilla is a free and open-source, cross-platform FTP application, consisting of FileZilla Client and FileZilla Server. Clients are available for Windows, Linux, and macOS. Both server and client support FTP and FTPS, while the client can in addition connect to SFTP servers. FileZilla's source code is hosted on SourceForge.

This article lists communication protocols that are designed for file transfer over a telecommunications network.

C2Net was an Internet cryptography company founded by Sameer Parekh, which was sold to Red Hat in 2000. It was best known for its Stronghold secure webserver software.

Web server software allows computers to act as web servers. The first web servers supported only static files, such as HTML, but now they commonly allow embedding of server side applications.

<span class="mw-page-title-main">Network Security Services</span> Collection of cryptographic computer libraries

Network Security Services (NSS) is a collection of cryptographic computer libraries designed to support cross-platform development of security-enabled client and server applications with optional support for hardware TLS/SSL acceleration on the server side and hardware smart cards on the client side. NSS provides a complete open-source implementation of cryptographic libraries supporting Transport Layer Security (TLS) / Secure Sockets Layer (SSL) and S/MIME. NSS releases prior to version 3.14 are tri-licensed under the Mozilla Public License 1.1, the GNU General Public License, and the GNU Lesser General Public License. Since release 3.14, NSS releases are licensed under GPL-compatible Mozilla Public License 2.0.

<span class="mw-page-title-main">FreeBSD</span> Free and open-source Unix-like operating system

FreeBSD is a free and open-source Unix-like operating system descended from the Berkeley Software Distribution (BSD). The first version of FreeBSD was released in 1993 developed from 386BSD and the current version runs on x86, ARM, PowerPC and RISC-V processors. The project is supported and promoted by the FreeBSD Foundation.

<span class="mw-page-title-main">Berkeley Software Distribution</span> Unix operating system

The Berkeley Software Distribution or Berkeley Standard Distribution (BSD) is a discontinued operating system based on Research Unix, developed and distributed by the Computer Systems Research Group (CSRG) at the University of California, Berkeley. The term "BSD" commonly refers to its open-source descendants, including FreeBSD, OpenBSD, NetBSD, and DragonFly BSD.

<span class="mw-page-title-main">OpenBSD</span> Operating system

OpenBSD is a security-focused, free and open-source, Unix-like operating system based on the Berkeley Software Distribution (BSD). Theo de Raadt created OpenBSD in 1995 by forking NetBSD 1.0. The OpenBSD project emphasizes portability, standardization, correctness, proactive security, and integrated cryptography.

Mbed TLS is an implementation of the TLS and SSL protocols and the respective cryptographic algorithms and support code required. It is distributed under the Apache License version 2.0. Stated on the website is that Mbed TLS aims to be "easy to understand, use, integrate and expand".

<span class="mw-page-title-main">OpenSSH</span> Set of computer programs providing encrypted communication sessions

OpenSSH is a suite of secure networking utilities based on the Secure Shell (SSH) protocol, which provides a secure channel over an unsecured network in a client–server architecture.

wolfSSL is a small, portable, embedded SSL/TLS library targeted for use by embedded systems developers. It is an open source implementation of TLS written in the C programming language. It includes SSL/TLS client libraries and an SSL/TLS server implementation as well as support for multiple APIs, including those defined by SSL and TLS. wolfSSL also includes an OpenSSL compatibility interface with the most commonly used OpenSSL functions.

The Transport Layer Security (TLS) protocol provides the ability to secure communications across or inside networks. This comparison of TLS implementations compares several of the most notable libraries. There are several TLS implementations which are free software and open source.

<span class="mw-page-title-main">ProFTPD</span> Open-source FTP server software

ProFTPD is an FTP server. ProFTPD is Free and open-source software, compatible with Unix-like systems and Microsoft Windows . Along with vsftpd and Pure-FTPd, ProFTPD is among the most popular FTP servers in Unix-like environments today. Compared to those, which focus e.g. on simplicity, speed or security, ProFTPD's primary design goal is to be a highly feature rich FTP server, exposing a large amount of configuration options to the user.

Dell BSAFE, formerly known as RSA BSAFE, is a FIPS 140-2 validated cryptography library, available in both C and Java. BSAFE was initially created by RSA Security, which was purchased by EMC and then, in turn, by Dell. When Dell sold the RSA business to Symphony Technology Group in 2020, Dell elected to retain the BSAFE product line. BSAFE was one of the most common encryption toolkits before the RSA patent expired in September 2000. It also contained implementations of the RCx ciphers, with the most common one being RC4. From 2004 to 2013 the default random number generator in the library was a NIST-approved RNG standard, widely known to be insecure from at least 2006, containing a kleptographic backdoor from the American National Security Agency (NSA), as part of its secret Bullrun program. In 2013 Reuters revealed that RSA had received a payment of $10 million to set the compromised algorithm as the default option. The RNG standard was subsequently withdrawn in 2014, and the RNG removed from BSAFE beginning in 2015.

<span class="mw-page-title-main">LibreSSL</span> Open-source implementation of TLS protocols; forked from OpenSSL in 2014

LibreSSL is an open-source implementation of the Transport Layer Security (TLS) protocol. The implementation is named after Secure Sockets Layer (SSL), the deprecated predecessor of TLS, for which support was removed in release 2.3.0. The OpenBSD project forked LibreSSL from OpenSSL 1.0.1g in April 2014 as a response to the Heartbleed security vulnerability, with the goals of modernizing the codebase, improving security, and applying development best practices.

References

  1. 1 2 David Ross (1999). "An Implementation of Secure FTP". Proceedings of Open Source AUUG '99. p. 96.
  2. 1 2 3 4 Simson Garfinkel, Gene Spafford (2002). Web Security, Privacy & Commerce. O'Reilly. p.  114. ISBN   0596000456.
  3. 1 2 3 David Gourley, Brian Totty (2002). HTTP: The Definitive Guide . O'Reilly. p.  329. ISBN   1565925092.
  4. Eric A. Young (1998). SSLeay License.
  5. OpenSSL Project (1999). LICENSE.{{cite book}}: |work= ignored (help)
  6. Sokratis Katsikas (1997). Communications and Multimedia Security. Springer. p. 54. ISBN   0412817705.
  7. Mohammed J. Kabir (1999). Apache Server: Administrator's Handbook. IDG. p. 402. ISBN   0764533061.
  8. Man Young Rhee (2003). Internet Security: Cryptographic Principles, Algorithms and Protocols. Wiley. p. 277. ISBN   0470852852.
  9. Bryan Hong (2006). Building an Internet Server With Freebsd 6. Unorthodocs. p. 105. ISBN   9781411695740.
  10. RSA Data Security (1999). "RSA Introduces BSAFE SSL-C for Worldwide Markets". PR Newswire.

See also