A Comparison of Popular Open Source Libraries Implementing the SSL/TLS Protocols, With Particular Focus on Compatibility, Security, and Performance
Richard Joy

Motivation
- Open source software is a valuable resource for developers. Open source software is usually:
  - Free
    - Financially (no licence fee)
    - In usage (few restrictions on how and where it is deployed)
  - Compatible
    - Source can be compiled for many platforms
  - Verifiable
    - Source can be reviewed by anyone

Motivation
- TLS (and previously, SSL) is widely used for encrypted communications across networks
  - Web sites (HTTPS)
  - VPN
  - SSH (note: SSH is a separate protocol that does not use TLS; OpenSSH links against OpenSSL's crypto library, which is why it appears here)
- Evolution over time
  - SSL -> SSLv2 -> SSLv3 -> TLS 1.0 -> TLS 1.1 -> TLS 1.2
  - SSLv2 and SSLv3 have since been prohibited (RFC 6176, RFC 7568) and should be disabled; TLS 1.3 (RFC 8446) was published later than this comparison
- Different "flavors" (cipher suites)
  - Key exchange
  - Symmetric algorithms used

Implementations
- OpenSSL – Most popular
- GnuTLS – Written to provide a TLS library under a GPL-compatible licence (the OpenSSL licence was not GPL-compatible)
- NSS – Maintained by Mozilla (Firefox)
- MatrixSSL – Designed for embedded systems
- JSSE – Java implementation (mobile devices)
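The "flavors" listed under Motivation are the components of a cipher suite: key exchange, authentication, symmetric cipher and MAC/PRF. The following is an added example, not code from the slides or from any of the compared libraries; it uses JSSE (one of the five implementations) to list the protocol versions and cipher suites the running JVM enables by default, splits each suite name into those four parts, and flags the parts a practitioner would reject today. The sample suite names at the top are constructed so the parsing can be checked without a network; the weakness rules are assumptions stated in the comments, not a rule set from the slides.

```java
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLParameters;
import java.util.ArrayList;
import java.util.List;

/* Added example: decompose JSSE cipher-suite names into key exchange / auth / cipher / MAC. */
public class CipherSuiteFlavors {

    // Constructed sample names covering the naming variants; not taken from the slides.
    static final String[] SAMPLE = {
        "TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384",
        "TLS_RSA_WITH_AES_128_CBC_SHA",
        "TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA",
        "SSL_RSA_WITH_RC4_128_MD5",
        "TLS_ECDH_anon_WITH_AES_128_CBC_SHA",
        "TLS_AES_128_GCM_SHA256"              // TLS 1.3 style: no key exchange / auth in the name
    };

    static final class Suite {
        final String name, keyExchange, auth, cipher, mac;
        final List<String> warnings = new ArrayList<>();
        Suite(String name, String keyExchange, String auth, String cipher, String mac) {
            this.name = name; this.keyExchange = keyExchange; this.auth = auth;
            this.cipher = cipher; this.mac = mac;
        }
        @Override public String toString() {
            return String.format("%-42s kx=%-8s auth=%-6s cipher=%-18s mac=%-7s %s", name, keyExchange,
                    auth, cipher, mac, warnings.isEmpty() ? "ok" : "WEAK: " + String.join("; ", warnings));
        }
    }

    // Suite names follow <TLS|SSL>_<kx>_<auth>_WITH_<cipher>_<mac>; TLS 1.3 names drop kx/auth.
    static Suite parse(String suite) {
        String body = suite.replaceFirst("^(TLS|SSL)_", "");
        String kx, auth, rest;
        int with = body.indexOf("_WITH_");
        if (with < 0) {
            // TLS 1.3: key exchange is always ephemeral (EC)DHE and authentication comes from
            // the certificate, so the suite name only carries the AEAD cipher and the hash.
            kx = "(EC)DHE"; auth = "cert"; rest = body;
        } else {
            String[] kxAuth = body.substring(0, with).split("_", 2);
            kx = kxAuth[0];
            auth = kxAuth.length > 1 ? kxAuth[1] : kxAuth[0]; // bare "RSA" = RSA key transport + RSA auth
            rest = body.substring(with + "_WITH_".length());
        }
        int cut = rest.lastIndexOf('_');
        Suite s = new Suite(suite, kx, auth, rest.substring(0, cut), rest.substring(cut + 1));

        // Assumed review rules (not from the slides): what a practitioner would reject today.
        if (suite.startsWith("SSL_")) s.warnings.add("SSLv3-era suite");
        if (with >= 0 && !kx.endsWith("DHE")) s.warnings.add("no forward secrecy");
        if (auth.equals("anon")) s.warnings.add("unauthenticated (MITM-able)");
        if (s.cipher.contains("RC4") || s.cipher.contains("DES") || s.cipher.contains("NULL")
                || s.cipher.contains("EXPORT")) s.warnings.add("broken/weak cipher");
        if (s.cipher.endsWith("CBC")) s.warnings.add("CBC mode (non-AEAD, padding-oracle history)");
        if (s.mac.equals("MD5")) s.warnings.add("MD5 MAC");
        return s;
    }

    public static void main(String[] args) throws Exception {
        System.out.println("Constructed sample:");
        for (String name : SAMPLE) System.out.println("  " + parse(name));

        SSLParameters p = SSLContext.getDefault().getDefaultSSLParameters();
        System.out.println("Protocols enabled by this JVM: " + String.join(", ", p.getProtocols()));
        for (String name : p.getCipherSuites()) {
            if (name.endsWith("_SCSV")) continue;   // signalling value, not a real suite
            System.out.println("  " + parse(name));
        }
    }
}
```

Compile and run with `javac CipherSuiteFlavors.java && java CipherSuiteFlavors`. The JVM list reflects the installed JDK's defaults, so the same program run on a desktop JDK and on a mobile runtime shows directly how the "flavors" differ between implementations.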
Criteria
- Compatibility
  - Licensing
  - Prerequisites
- Security
  - Accredited
  - Remediation
- Performance
  - Common operations

Compatibility
Library     License                                            Technical dependencies
OpenSSL     Dual (OpenSSL licence / Eric Young SSLeay licence)  Standard C libraries
GnuTLS      LGPLv2.1                                           Standard C libraries, nettle, GMP (gmplib)
NSS         MPLv2                                              Netscape Portable Runtime (NSPR)
JSSE        GPLv2 with Classpath Exception (OpenJDK)           JVM
MatrixSSL   GPL or commercial                                  Reduced set of standard C libraries
(OpenSSL 3.0 and later have since moved to the Apache License 2.0.)

Common Licensing Requirements
- Source code must be provided
- Copyright notices must be included
- Must obey export restrictions
- Derivative works placed under the same license (the copyleft licences: GPL, LGPL and, per file, MPL; the permissive OpenSSL/SSLeay licences do not require this)

Security – Contributors
- OpenSSL – Maintained by the OpenSSL Foundation
  - Contributions are accepted by review process
- GnuTLS – Copyright held by the Free Software Foundation
  - Currently maintained by Nikos Mavrogiannopoulos
  - Multiple other contributors
- NSS – Maintained by Mozilla
- MatrixSSL – Maintained by PeerSec Networks
- JSSE – Maintained by Oracle under the OpenJDK project
  - Multiple other contributors

Security – NIST FIPS 140-2
- OpenSSL provides a FIPS 140-2 validated module (the OpenSSL FIPS Object Module)
  - Must be built and used in exactly the way it was validated by the NIST/CSE CMVP; changing the module's source or build steps voids the validation
  - Difficult to use without re-validation
  - Expensive ($50,000+)

Security – NIST RSA Validation (CAVP)
- Validation is per implementation (a specific build on a specific platform), not per library. Implementations have been validated that use:
  - OpenSSL
  - GnuTLS
  - NSS
  - MatrixSSL
  - JSSE (Java)

Security – NIST AES Validation (CAVP)
- Per implementation, as for RSA. Implementations have been validated that use:
  - OpenSSL
  - GnuTLS
  - NSS
  - MatrixSSL
  - JSSE (Java)

Performance – Asymmetric
(chart) Signing a message using SHA256 and a 2048-bit RSA key

Performance – Symmetric, Short
(chart) Encrypting a 127-bit message with AES, using a 256-bit key (AES works on 128-bit blocks, so this is a single padded block)

Performance – Symmetric, Medium
(chart) Encrypting a 1024-bit message with AES, using a 256-bit key

Performance – Symmetric, Long
(chart) Encrypting a 65536-bit message with AES, using a 256-bit key
(The per-library results were presented as charts and are not reproduced here.)
Conclusions
- Similar licensing schemes
  - Differ largely in how derivative works are licensed
- Dependencies widely available
  - Embedded applications may not have the standard C library calls the larger libraries depend on (MatrixSSL's reduced dependency set targets this case)
  - Mobile devices more likely to be compatible with JSSE

Conclusions
- All backed by a cohesive organization
  - NSS and MatrixSSL show limited evidence of outside contributors
- Standard validations
  - OpenSSL provides a FIPS 140-2 validated module
  - JSSE is not specifically mentioned by NIST, but some Java projects have been validated

Conclusions
- OpenSSL performed well in symmetric and asymmetric testing
- MatrixSSL was a disappointing performer