|
MatrixSSL
MatrixSSL is an open-source TLS/SSL implementation designed for custom applications in embedded hardware environments. The MatrixSSL library contains a full cryptographic software module that includes industry-standard public key and symmetric key algorithms. It is now called the Inside Secure TLS Toolkit. Features Features: * Protocol versions ** SSL 3.0 ** TLS 1.0 ** TLS 1.1 ** TLS 1.2 ** TLS 1.3 ** DTLS 1.0 ** DTLS 1.2 * Public key algorithms ** RSA ** Elliptic curve cryptography ** Diffie–Hellman * Symmetric key algorithms ** AES ** AES-GCM ** Triple DES ** ChaCha ** ARC4 ** SEED * Supported cipher suites ** TLS_AES_128_GCM_SHA256 (TLS 1.3) ** TLS_AES_256_GCM_SHA384 (TLS 1.3) ** TLS_CHACHA20_POLY1305_SHA256 (TLS 1.3) ** TLS_DHE_RSA_WITH_AES_128_CBC_SHA ** TLS_DHE_RSA_WITH_AES_256_CBC_SHA ** TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 ** TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 ** SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA ** TLS_RSA_WITH_SEED_CBC_SHA ** TLS_DHE_PSK_WITH_AES_128_CBC_S ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Comparison Of TLS Implementations
The Transport Layer Security (TLS) protocol provides the ability to secure communications across networks. This comparison of TLS implementations compares several of the most notable libraries. There are several TLS implementations which are free software and open source. All comparison categories use the stable version of each implementation listed in the overview section. The comparison is limited to features that directly relate to the TLS protocol. Overview TLS/SSL protocol version support Several versions of the TLS protocol exist. SSL 2.0 is a deprecated /tools.ietf.org/html/rfc6176 RFC 6176: Prohibiting Secure Sockets Layer (SSL) Version 2.0/ref> protocol version with significant weaknesses. SSL 3.0 (1996) and TLS 1.0 (1999) are successors with two weaknesses in CBC-padding that were explained in 2001 by Serge Vaudenay. TLS 1.1 (2006) fixed only one of the problems, by switching to random initialization vectors (IV) for CBC block ciphers, whereas the more problem ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
DTLS
Datagram Transport Layer Security (DTLS) is a communications protocol providing security to datagram-based applications by allowing them to communicate in a way designed to prevent eavesdropping, tampering, or message forgery. The DTLS protocol is based on the stream-oriented Transport Layer Security (TLS) protocol and is intended to provide similar security guarantees. The DTLS protocol datagram preserves the semantics of the underlying transport—the application does not suffer from the delays associated with stream protocols, but because it uses UDP or SCTP, the application has to deal with packet reordering, loss of datagram and data larger than the size of a datagram network packet. Because DTLS uses UDP or SCTP rather than TCP, it avoids the "TCP meltdown problem", when being used to create a VPN tunnel. Definition The following documents define DTLS: * for use with User Datagram Protocol (UDP), * for use with Datagram Congestion Control Protocol (DCCP), * for use wit ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Transport Layer Security
Transport Layer Security (TLS) is a cryptographic protocol designed to provide communications security over a computer network. The protocol is widely used in applications such as email, instant messaging, and voice over IP, but its use in securing HTTPS remains the most publicly visible. The TLS protocol aims primarily to provide security, including privacy (confidentiality), integrity, and authenticity through the use of cryptography, such as the use of certificates, between two or more communicating computer applications. It runs in the presentation layer and is itself composed of two layers: the TLS record and the TLS handshake protocols. The closely related Datagram Transport Layer Security (DTLS) is a communications protocol providing security to datagram-based applications. In technical writing you often you will see references to (D)TLS when it applies to both versions. TLS is a proposed Internet Engineering Task Force (IETF) standard, first defined in 1999, and th ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Secure Sockets Layer
Transport Layer Security (TLS) is a cryptographic protocol designed to provide communications security over a computer network. The protocol is widely used in applications such as email, instant messaging, and voice over IP, but its use in securing HTTPS remains the most publicly visible. The TLS protocol aims primarily to provide security, including privacy (confidentiality), integrity, and authenticity through the use of cryptography, such as the use of certificates, between two or more communicating computer applications. It runs in the presentation layer and is itself composed of two layers: the TLS record and the TLS handshake protocols. The closely related Datagram Transport Layer Security (DTLS) is a communications protocol providing security to datagram-based applications. In technical writing you often you will see references to (D)TLS when it applies to both versions. TLS is a proposed Internet Engineering Task Force (IETF) standard, first defined in 1999, and the ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Rambus
Rambus Incorporated, founded in 1990, is an American technology company that designs, develops and licenses chip interface technologies and architectures that are used in digital electronics products. The company is well known for inventing RDRAM and for its intellectual property-based litigation following the introduction of DDR-SDRAM memory. History Rambus was founded in March, 1990 by electrical and computer engineers, Dr. Mike Farmwald and Dr. Mark Horowitz. The company's early investors included premier venture capital and investment banking firms such as Kleiner Perkins Caufield and Byers, Merrill Lynch, Mohr Davidow Ventures, and Goldman Sachs. Rambus was incorporated and founded as California company in 1990 and then re-incorporated in the state of Delaware before the company went public in 1997 on the NASDAQ stock exchange under the symbol RMBS. In the 1990s, Rambus was a high-speed interface technology development and marketing company that invented 600& ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Cipher Suite
A cipher suite is a set of algorithms that help secure a network connection. Suites typically use Transport Layer Security (TLS) or its now-deprecated predecessor Secure Socket Layer (SSL). The set of algorithms that cipher suites usually contain include: a key exchange algorithm, a bulk encryption algorithm, and a message authentication code (MAC) algorithm. The key exchange algorithm is used to exchange a key between two devices. This key is used to encrypt and decrypt the messages being sent between two machines. The bulk encryption algorithm is used to encrypt the data being sent. The MAC algorithm provides data integrity checks to ensure that the data sent does not change in transit. In addition, cipher suites can include signatures and an authentication algorithm to help authenticate the server and or client. Overall, there are hundreds of different cipher suites that contain different combinations of these algorithms. Some cipher suites offer better security than others ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Mutual Authentication
Mutual authentication or two-way authentication (not to be confused with two-factor authentication) refers to two parties authenticating each other at the same time in an authentication protocol. It is a default mode of authentication in some protocols ( IKE, SSH) and optional in others ( TLS). Mutual authentication is a desired characteristic in verification schemes that transmit sensitive data, in order to ensure data security. Mutual authentication can be accomplished with two types of credentials: usernames and passwords, and public key certificates. Mutual authentication is often employed in the Internet of Things (IoT). Writing effective security schemes in IoT systems can become challenging, especially when schemes are desired to be lightweight and have low computational costs. Mutual authentication is a crucial security step that can defend against many adversarial attacks, which otherwise can have large consequences if IoT systems (such as e-Healthcare servers) are hacke ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
PKCS 1
In cryptography, PKCS #1 is the first of a family of standards called Public-Key Cryptography Standards (PKCS), published by RSA Laboratories. It provides the basic definitions of and recommendations for implementing the RSA algorithm for public-key cryptography. It defines the mathematical properties of public and private keys, primitive operations for encryption and signatures, secure cryptographic schemes, and related ASN.1 syntax representations. The current version is 2.2 (2012-10-27). Compared to 2.1 (2002-06-14), which was republished as RFC 3447, version 2.2 updates the list of allowed hashing algorithms to align them with FIPS 180-4, therefore adding SHA-224, SHA-512/224 and SHA-512/256. Keys The PKCS #1 standard defines the mathematical definitions and properties that RSA public and private keys must have. The traditional key pair is based on a modulus, , that is the product of two distinct large prime numbers, and , such that n = pq. Starting with version 2.1, ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
PKCS 8
In cryptography, PKCS #8 is a standard syntax for storing private key information. PKCS #8 is one of the family of standards called Public-Key Cryptography Standards (PKCS) created by RSA Laboratories. The latest version, 1.2, is available as RFC 5208. The PKCS #8 private key may be encrypted with a passphrase using the PKCS #5 standards, which supports multiple ciphers. - Public-Key Cryptography Standards (PKCS) #8: Private-Key Information Syntax Specification Version 1.2 A new version 2 was proposed by S. Turner in 2010 as RFC 5958 - Asymmetric Key Packages and might obsolete RFC 5208 someday in the future. PKCS #8 private keys are typically exchanged in the PEM base64 In computer programming, Base64 is a group of binary-to-text encoding schemes that represent binary data (more specifically, a sequence of 8-bit bytes) in sequences of 24 bits that can be represented by four 6-bit Base64 digits. Common to all bina ...-encoded format, for example: -----BEGIN PRIVATE KEY----- ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Transmission Control Protocol
The Transmission Control Protocol (TCP) is one of the main protocols of the Internet protocol suite. It originated in the initial network implementation in which it complemented the Internet Protocol (IP). Therefore, the entire suite is commonly referred to as TCP/IP. TCP provides reliable, ordered, and error-checked delivery of a stream of octets (bytes) between applications running on hosts communicating via an IP network. Major internet applications such as the World Wide Web, email, remote administration, and file transfer rely on TCP, which is part of the Transport Layer of the TCP/IP suite. SSL/TLS often runs on top of TCP. TCP is connection-oriented, and a connection between client and server is established before data can be sent. The server must be listening (passive open) for connection requests from clients before a connection is established. Three-way handshake (active open), retransmission, and error detection adds to reliability but lengthens latency. A ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
GitHub
GitHub, Inc. () is an Internet hosting service for software development and version control using Git. It provides the distributed version control of Git plus access control, bug tracking, software feature requests, task management, continuous integration, and wikis for every project. Headquartered in California, it has been a subsidiary of Microsoft since 2018. It is commonly used to host open source software development projects. As of June 2022, GitHub reported having over 83 million developers and more than 200 million repositories, including at least 28 million public repositories. It is the largest source code host . History GitHub.com Development of the GitHub.com platform began on October 19, 2007. The site was launched in April 2008 by Tom Preston-Werner, Chris Wanstrath, P. J. Hyett and Scott Chacon after it had been made available for a few months prior as a beta release. GitHub has an annual keynote called GitHub Universe. Organizat ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
ARC4
In cryptography, RC4 (Rivest Cipher 4, also known as ARC4 or ARCFOUR, meaning Alleged RC4, see below) is a stream cipher. While it is remarkable for its simplicity and speed in software, multiple vulnerabilities have been discovered in RC4, rendering it insecure. It is especially vulnerable when the beginning of the output keystream is not discarded, or when nonrandom or related keys are used. Particularly problematic uses of RC4 have led to very insecure protocols such as WEP. , there is speculation that some state cryptologic agencies may possess the capability to break RC4 when used in the TLS protocol. IETF has published RFC 7465 to prohibit the use of RC4 in TLS; Mozilla and Microsoft have issued similar recommendations. A number of attempts have been made to strengthen RC4, notably Spritz, RC4A, VMPC, and RC4+. History RC4 was designed by Ron Rivest of RSA Security in 1987. While it is officially termed "Rivest Cipher 4", the RC acronym is alternatively understood to ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
