[Cryptography] Amazon releases open source cryptographic module
Paul Ferguson
fergdawgster at mykolab.com
Thu Jul 2 14:19:45 EDT 2015
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
I had not seen this mentioned here yet, so FYI:
Amazon releases open source cryptographic module
The s2n module could serve as a leaner replacement for the OpenSSL TLS
module
Potentially saving the world from another online security disaster
like last year's Heartbleed, Amazon Web Services has released as open
source a cryptographic module for securing sensitive data passing over
the Internet.
The software, s2n, is a new implementation of Transport Layer Security
(TLS), a protocol for encrypting data. TLS is the successor of SSL
(Secure Sockets Layer), both of which AWS uses to secure most of its
services.
The AWS engineers who designed s2n, short for signal-to-noise, reduced
the amount of code needed to implement TLS, with the hopes of making
it easier to spot potential security vulnerabilities.
The s2n library implements TLS in 6,000 lines of code, significantly
fewer than the 70,000-line implementation of TLS in OpenSSL, today's
de facto implementation of TLS.
More:
http://www.infoworld.com/article/2942742/security/amazon-releases-open-s
ource-cryptographic-module.html
http://blogs.aws.amazon.com/security/blog/author/Stephen+Schmidt+
https://github.com/awslabs/s2n
- - ferg
- --
Paul Ferguson
PGP Public Key ID: 0x54DC85B2
Key fingerprint: 19EC 2945 FEE8 D6C8 58A1 CE53 2896 AC75 54DC 85B2
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2
iF4EAREIAAYFAlWVgMEACgkQKJasdVTchbJAVwEA0MIf9+nD+KVpPrZytkKReJtl
rgg+8Dkim78MVOjiC5IA/2QMANC7olpYhvtn7ecdXH/n6e/kfAKBjkaQtcC/TBpd
=QinC
-----END PGP SIGNATURE-----
More information about the cryptography
mailing list