Introducing s2n, An Open-Source TLS implementation from Amazon

Written by Eric Griffith in Free Software on 4 July 2015 at 09:29 PM EDT.
A few days ago Amazon revealed a project that they had been working on over the last few months: s2n. s2n is a new, open-source implementation of the TLS protocol.

s2n is not meant to be a complete replacement for OpenSSL or any other TLS-compliant library; instead, s2n is focusing on being "small, fast, with simplicity as a priority." Amazon notes that the de facto reference implementation of TLS, OpenSSL, contains more than 500,000 lines of code, with 70,000 of those just for processing TLS. By comparison, s2n, by not implementing every single extension or option, is only ~6,000 lines of code.

Amazon notes that the major reason they decided to write s2n is how complex the TLS protocol is, and that every line of code increases the surface area for vulnerabilities and errors. s2n will be limited to the extensions and options that Amazon itself needs to support its Web Services platform, and Amazon will be rolling s2n out to Web Services gradually over the coming months.

Find more information in the blog post linked above. Code is available on GitHub.