Amazon releases open source cryptographic module
Diposting : Kamis, 09 Jul 2015

"Potentially saving the world from another online security disaster like
last year's Heartbleed, Amazon Web Services has released as open source
a cryptographic module for securing sensitive data passing over the
Internet.

The software, s2n, is a new implementation of Transport Layer Security
(TLS), a protocol for encrypting data. TLS is the successor of SSL
(Secure Sockets Layer), both of which AWS uses to secure most of its
services.
...
The s2n library implements TLS in 6,000 lines of code, significantly
fewer than the 70,000-line implementation of TLS in OpenSSL, today's de
facto implementation of TLS.

"Naturally with each line of code there is a risk of error, but this
large size [of the OpenSSL TLS] also presents challenges for code
audits, security reviews, performance, and efficiency," wrote Stephen
Schmidt, AWS chief information security officer, in a blog post
announcing the release of s2n."

Sumber

Disclaimer | Copyright © 2013 - Id-SIRTII/CC
Id-SIRTII/CC - Indonesia Security Incident Response Team on Internet Infrastructure/Coordination Center
Menara Ravindo Lt. 17, Jl. Kebon Sirih No. 75 Jakarta Pusat, 10340, Indonesia
Member of: