Following Amazon’s announcement of s2n – Signal to Noise, Tod Beardsley, security engineering manager from Rapid7’s Commented on the Amazon’s announcement of s2n – Signal to Noise.
Tod Beardsley, Security Engineering Manager from Rapid7’s :
“Amazon’s announcement of s2n (which stands for “Signal to Noise”) is pretty exciting news. It’s nearly always a good thing when a major Internet company like Amazon sets its sights on improving a core Internet technology like Transport Layer Security (TLS) in a responsive, open source way. After Heartbleed, we saw something similar from Google with their release of BoringSSL, as well as OpenBSD’s volunteer-driven LibreSSL. All of these projects promise a stripped down version of SSL/TLS with an eye toward excising the cruft that leads to vulnerabilities and weird code paths in OpenSSL.
s2n’s most notable feature today is that it boasts only 6,000 lines of code, which makes manual code audits orders of magnitude easier. I don’t expect this extremely small base to last, though, in its current form, since there is no built-in support for major functionality like certificate parsing. So, it’s a small code base which is still going to depend on other projects for any sort of production use. That said, it seems like a good idea to separate the TLS functionality from the more general cryptography functionality, so bugs and features there can be fixed and tested in isolation.
s2n is also hosted on GitHub, which is pretty much *the* place to collaborate on open source projects these days. GitHub makes contributing super easy, so if people and organisations other than Amazon find value in s2n, it’ll be extremely difficult to kill it off. Similarly, if there are features that Amazon doesn’t want in s2n, but everyone else does, it’s pretty trivial to fork s2n.
Finally, Amazon has a well-regarded, mature vulnerability handling program. They don’t yet participate in any sort of bug bounty, but they have definitely been around the block when it comes to working with researchers in a cooperative, non-confrontational way when security issues crop up in AWS and other Amazon properties.
Under the question mark column, though, s2n is still intending to support some legacy protocols like SSLv3, though it is disabled by default.
This is a weird decision to make out of the gate, given that SSLv3 is now totally deprecated and not considered safe for any purpose. In contrast, LibreSSL has no support for SSLv3 at all, and BoringSSL has it disabled by default.
For comparison, BoringSSL also disables SSLv3 by default, and LibreSSL will soon remove support for it entirely.
Also, the touted “two separate random number generators” approach to seeding values for “public” and “private” operations sounds kind of like crypto snake oil on its face. If your random number generator is secure enough on its own, you shouldn’t ever need two. A basic principle of cryptography that a series of numbers generated securely should give no hints to what numbers are coming up, so implementing two seems like an invitation for future trouble.
All in all, I’m happy to see that we may actually be learning our lessons from the Heartbleed and related fiascos. OpenSSL is an amazing piece of technology, written by volunteers and funded by philanthropy, and is a key reason why we’re able to have jobs and buy things on the Internet. But, it’s time to make a serious crypto investment, and I’m very happy to see Amazon taking a lead on that.”