

AWS introduces improved encryption protocol

‘Signal to noise’ is a faster, lighter implementation of TLS

Amazon Web Services has released an open source encryption tool called ‘Signal to Noise’ (s2n) that improves on the popular TLS protocol, formerly known as SSL.

Stephen Schmidt, Chief Information Security Officer at AWS, said that over the past 18 months TLS has proved unreliable and overly complex.

s2n was designed to be simple: it contains around 6,000 lines of code, as opposed to 70,000 lines needed to process TLS.

“Over the coming months, we will begin integrating s2n into several AWS services. TLS is a standardized protocol and s2n already implements the functionality that we use, so this won’t require any changes in your own applications and everything will remain interoperable,” Schmidt wrote in a blog post.


Small is beautiful

AWS uses encryption as part of services like Amazon S3, CloudFront and Elastic Load Balancing. The company has long championed the causes of privacy and security, and voiced strong opposition to the mass surveillance programs run by the US intelligence agencies. Encryption is an integral part of these efforts.

s2n was designed to be small, fast and simple. It was written with a focus on reviewability, to avoid situations where critical flaws in the code base would remain undiscovered for years - like with the notorious Heartbleed and FREAK vulnerabilities.

s2n serves as an analogue of the ‘libssl’ library in OpenSSL, but avoids implementing rarely used options and extensions. Best of all, it is available under the terms of the Apache Software License 2.0, which means interested parties can integrate s2n encryption in their own products.

“We’ve found that it is easier to review s2n; we have already completed three external security evaluations and penetration tests on s2n, a practice we will be continuing,” wrote Schmidt.

The GitHub page of the project states that at least two penetration tests were carried out by commercial vendors, suggesting AWS is serious about supporting s2n for years to come.

Readers' comments (1)

  • Yep, AWS cuts the mustard when we talk about secured encryption protocol. Its S3 services are superbly exceptional when it comes to integration with an application. Furthermore, I came across and registered for a webinar on 'Building Amazing Web Applications ....


  • Thanks for the spam Eshan. Glad you read the article
