LibTomNet [v0.01]

tom st denis tomstdenis at
Mon Jul 7 19:07:43 EDT 2003

--- Eric Rescorla <ekr at> wrote:
> [Standard rant follows... :)]
> I'm trying to figure out why this is a good idea even in principle.

Maybe its just me but SSL is overly complicated.  I've been dabbling
with crypto since I was sixteen.  I've written several popular libs
already [LibTomCrypt and LibTomMath] so while I'm not a PhD in crypto I
think I'm fairly competent enough to sit down and implement an
algorithm per specs [to a limit].

Two weeks ago I sat down to learn how to code my own SSL lib [key on
being small].  Suffice it to say after reading the 67 page RFC for SSL
3.0 I have no clue whatsoever how to implement SSL.  

The RFC looks like it was written by a member of the ACLU and done at
an hourly rate of some sort.  It contains no test vectors, no sample
source code and generally is not enough information to code a compliant
SSL protocol.

So I wrote LibTomNet.  It provides exactly what I wanted and is very
simple to understand and work with.

> I've seen <100k SSL implementations and that included the ASN.1
> processing for certs. I would imagine that one could do a compliant
> SSL implementation that used fixed RSA keys in roughly the same
> code size as your stuff.

My 64KB demo includes the server, the client, all the crypto [including
a full RSA implementation] and the LibTomNet protocol.  I could make
the demo smaller by manually trimming LibTomCrypt.

Not only is my code way smaller than a compliant SSL library but it is
also simpler.  There are only eight functions in LibTomNet and of
LibTomCrypt you only need a half dozen at most [setup the prng, RSA key
gen, export/import].  In otherwards my code is [should be] very easy to
work with since there is a minimum of clutter to get in the way.

I mean just download a copy [v0.03 is the latest] and check out the
demo [demos/ex1.c]!

At anyrate LibTomNet is not an SSL replacement.  It's a library for
developers who need simple to work with secure sockets.


Do you Yahoo!?
SBC Yahoo! DSL - Now only $29.95 per month!

The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at

More information about the cryptography mailing list