HOME
The Info List - MatrixSSL





MatrixSSL is an open-source TLS/SSL implementation designed for custom applications in embedded hardware environments.[3][4][5] The MatrixSSL library contains a full cryptographic software module that includes industry-standard public key and symmetric key algorithms. It is now called the GUARD TLS Toolkit.[6]

Contents

1 Features 2 Major Releases 3 See also 4 External links 5 References

Features[edit] Features:[7]

Protocol versions

SSL 3.0 TLS 1.0 TLS 1.1 TLS 1.2 DTLS 1.0 DTLS 1.2

Public key algorithms

RSA Elliptic curve cryptography Diffie–Hellman

Symmetric key algorithms

AES AES-GCM Triple DES ARC4 SEED

Supported cipher suites

TLS_DHE_RSA_WITH_AES_128_CBC_SHA TLS_DHE_RSA_WITH_AES_256_CBC_SHA TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA TLS_RSA_WITH_SEED_CBC_SHA TLS_DHE_PSK_WITH_AES_128_CBC_SHA TLS_DHE_PSK_WITH_AES_256_CBC_SHA TLS_PSK_WITH_AES_128_CBC_SHA TLS_PSK_WITH_AES_256_CBC_SHA TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA256 TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA TLS_ECDH_RSA_WITH_AES_128_CBC_SHA TLS_ECDH_RSA_WITH_AES_256_CBC_SHA TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256 TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 TLS_RSA_WITH_AES_128_CBC_SHA TLS_RSA_WITH_AES_256_CBC_SHA TLS_RSA_WITH_AES_128_CBC_SHA256 TLS_RSA_WITH_AES_256_CBC_SHA256 TLS_RSA_WITH_AES_128_GCM_SHA256 TLS_RSA_WITH_AES_256_GCM_SHA384 SSL_RSA_WITH_3DES_EDE_CBC_SHA SSL_RSA_WITH_RC4_128_SHA SSL_RSA_WITH_RC4_128_MD5 TLS_DH_anon_WITH_AES_128_CBC_SHA TLS_DH_anon_WITH_AES_256_CBC_SHA SSL_DH_anon_WITH_3DES_EDE_CBC_SHA SSL_DH_anon_WITH_RC4_128_MD5

Client authentication Secure Renegotiation Standard Session Resumption Stateless Session Resumption Transport independent PKCS#1 and PKCS#8 key parsing False Start Max Fragment Length extension Optional PKCS#11 Crypto Interface

Major Releases[edit]

Version[8] Date

3.9.0 Mar 2017

3.8.3 Apr 2016

3.7.1 Dec 2014

3.6 Apr 2014

3.4 Jan 2013

3.3 Feb 2012

3.2 Jun 2011

3.1 Mar 2010

3.0 Aug 2009

2.2 Jan 2008

2.1 Nov 2005

1.7 Apr 2005

1.1 May 2004

1.0 Jan 2004

See also[edit]

Comparison of TLS implementations GnuTLS wolfSSL

External links[edit]

Official website Inside Secure website

References[edit]

^ PeerSec Networks ^ "release_notes-3.9.3-open". 2017-06-22. Retrieved 2017-11-17.  ^ "Evaluating PeerSec Networks' MatrixSSL on a Stellaris® Microcontroller" (PDF). Texas Instruments. 2009-06-24. Retrieved 2014-08-13.  ^ Eronen, Pasi (2006-11-09). "TLS Record Layer Bugs". IETF67 TLS WG. Retrieved 2014-08-13.  ^ Young, Craig (2016-10-10). "Flawed MatrixSSL Code Highlights Need for Better IoT Update Practices". tripwire.com. Tripwire, Inc. Retrieved 2017-11-17.  ^ "GUARD TLS-TK, a compact TLS/ DTLS stack for embedded security". Retrieved 2017-11-17.  ^ " MatrixSSL Documentation". Retrieved 2014-08-13.  ^ " MatrixSSL Release Notes". 

v t e

Cryptographic software

Email clients

Apple Mail Claws Mail Enigmail GPG (Gpg4win) Kontact Outlook p≡p PGP Sylpheed Thunderbird

Secure communication

OTR

Adium BitlBee Centericq ChatSecure climm Jitsi Kopete MCabber Profanity

SSH

Dropbear lsh OpenSSH PuTTY SecureCRT WinSCP wolfSSH Xshell

TLS & SSL

Bouncy Castle BoringSSL Botan cryptlib GnuTLS JSSE LibreSSL MatrixSSL NSS OpenSSL mbed TLS RSA BSAFE SChannel SSLeay stunnel wolfSSL

VPN

Check Point VPN-1 Hamachi Openswan OpenVPN SoftEther VPN strongSwan Tinc

ZRTP

CSipSimple Jitsi Linphone Ring Zfone

P2P

Bitmessage RetroShare Tox

DRA

Matrix OMEMO

Conversations Cryptocat ChatSecure

Proteus Signal Protocol

Google Allo Facebook Messenger Signal TextSecure WhatsApp

Disk encryption (Comparison)

BestCrypt BitLocker CrossCrypt Cryptoloop DiskCryptor dm-crypt DriveSentry E4M eCryptfs FileVault FreeOTFE GBDE geli LUKS PGPDisk Private Disk Scramdisk Sentry 2020 TrueCrypt

History

VeraCrypt

Anonymity

GNUnet I2P Java Anon Proxy Tor Vidalia RetroShare Ricochet Wickr

File
File
systems (List)

EncFS EFS eCryptfs LUKS PEFS Rubberhose StegFS Tahoe-LAFS

Service providers

Freenet Tresorit TeamDrive Wuala

Educational

CrypTool

Related topics

Outline of cryptography Timeline of cryptography Hash functions

Cryptographic hash function List of hash functions

S/MIME

Category Commons Portal

v t e

TLS and SSL

Protocols and technologies

Transport Layer Security / Secure Sockets Layer (TLS/SSL) Datagram Transport Layer Security (DTLS) Server Name Indication (SNI) Application-Layer Protocol Negotiation (ALPN) DNS-based Authentication of Named Entities (DANE) DNS Certification Authority Authorization (CAA) HTTPS HTTP Strict Transport Security
HTTP Strict Transport Security
(HSTS) HTTP Public Key Pinning (HPKP) OCSP stapling Perfect forward secrecy STARTTLS

Public-key infrastructure

Automated Certificate Management Environment (ACME) Certificate authority
Certificate authority
(CA) CA/Browser Forum Certificate policy Certificate revocation list (CRL) Domain-validated certificate (DV) Extended Validation Certificate
Extended Validation Certificate
(EV) Online Certificate Status Protocol (OCSP) Public key certificate Public-key cryptography Public key infrastructure
Public key infrastructure
(PKI) Root certificate Self-signed certificate

See also

Domain Name System Security Extensions (DNSSEC) Internet Protocol Security (IPsec) Secure Shell
Secure Shell
(SSH)

History

Export of cryptography from the United States Server-Gated Cryptography

Implementations

Bouncy Castle BoringSSL Botan cryptlib GnuTLS JSSE LibreSSL MatrixSSL mbed TLS NSS OpenSSL RSA BSAFE S2n SChannel SSLeay stunnel wolfSSL

Notaries

Certificate Transparency Convergence HTTPS
HTTPS
Everywhere Perspectives Project

Vulnerabilities

Theory

Man-in-the-middle attack Padding oracle attack

Cipher

Bar mitzvah attack

Protocol

BEAST BREACH CRIME DROWN Logjam POODLE
POODLE
(in regards to SSL 3.0)

Implementation

Certificate authority
Certificate authority
compromise Random number generator attacks FREAK goto fail Heartbleed Lucky Thirteen attack POODLE
POODLE
(in regards to TLS 1.0)

Free software portal Cryptog

.