AWS Releases Open Source TLS Encryption Protocol

s2n library designed to be smaller, faster, and easier to review than other TLS implementations

Nicole Henderson, Contributor

July 1, 2015


This article originally appeared at The WHIR

Amazon Web Services has released a new open source implementation of the TLS encryption protocol, called signal to noise (s2n). Released on Tuesday, the s2n library is designed to be smaller, faster and easier to review than other TLS implementations.

According to a blog post by Stephen Schmidt, VP and chief security officer for AWS, s2n today is “just more than 6,000 lines of code”, considerably less than OpenSSL, the most popular reference implementation, which contains more than 500,000 lines of code with 70,000 of those involved in processing TLS. He said that s2n isn’t a replacement for OpenSSL: “OpenSSL provides two main libraries: ‘libssl’, which implements TLS, and ‘libcrypto’, which is a general-purpose cryptography library. Think of s2n as an analogue of ‘libssl,’ but not ‘libcrypto.’”

“The last 18 months or so has been an eventful time for the TLS protocol. Impressive cryptography analysis highlighted flaws in several TLS algorithms that are more serious than previously thought, and security research revealed issues in several software implementations of TLS,” Schmidt said. “Overall, these developments are positive and improve security, but for many they have also led to time-consuming operational events, such as software upgrades and certificate rotations.”

In March, a TLS vulnerability known as the FREAK attack was discovered, which allowed attackers to intercept HTTPS connections between clients and servers.

AWS plans to integrate s2n into several AWS services over the next few months.

The source code, documentation, commits and enhancements are all publicly available under the terms of the Apache Software License 2.0 from the s2n GitHub repository.

This first ran at http://www.thewhir.com/web-hosting-news/aws-releases-open-source-tls-encryption-protocol

About the Author

Nicole Henderson

Contributor, IT Pro Today

Nicole Henderson covers daily cloud news and features online for ITPro Today. Prior to ITPro Today, she was editor at Talkin' Cloud (now Channel Futures) and the WHIR. She has a bachelor of journalism from Ryerson University in Toronto.
