OpenSSL Gets Cryptography Gift From Sun 217
Kataire writes "C|Net posted this story about how Sun Microsystems' has donated 'elliptic curve' encryption technology, (developed by Whitfield Diffie of Diffie-Hellman public key fame) to the OpenSSL project. This potentially means better encryption for lighter-weight systems such as PDAs."
Shouldn't this be placed under a different section (Score:4, Interesting)
Nonetheless, it is great to see Sun contributing back to the community.
This does bring up one question in my mind though... could this be used in SSL acceleration cards to improve the effiency of the SSL 'processor' (i.e.: keep the same performance level while reducing the amount of power necessary)?
Offering from large companies (Score:5, Interesting)
Re:Shouldn't this be placed under a different sect (Score:4, Interesting)
OpenSSH is a baby of openBSD, and OpenSSH depends on OpenSSL.
The Eliptic curve stuff was donated to OpenSSH team, not the OpenSSL group. So dreaming about this in your ssl accelerated card of the future is a bit silly. However, if openSSH team open sources the tech, and that tech is under bsd lisence, then maybe it will work its way down into the chip makers crypto designes.
Re:It's not really that surprising (Score:2, Interesting)
Sun should watch out for blowback from these rebels. Look what happened when the US CIA funded, armed, and trained Saddam Hussein and Usama bin Laden.
In all seriousness, if the open source desktop succeeds, who is more likely to profit, Sun or Dell?
Re:Offering from large companies (Score:2, Interesting)
Well, any corporation can be beat if they screw up. Sun's stock hovers around 3 and Oracle is scraping by at 9. MSFT would have gone down with them had they not been aggressively buying their own shares to prop up the price. ( I fear they too will tank in time--yay)
Rather, open source developers can't be beat. You can't sue them, fire them, or force them one way or another. If one gets disgruntled about life and everything, five more rise to the occasion (with appropriate amount of bickering--but no ones dies of bickering... ni! ni! ni! ).
This, I think, is a perfect case of: Since they (the Corps) can't beat us (the OS Devs) they're joining us.
I just hope we don't jump on the bandwagon wholesale. Their evil ways are insidious, promising riches and glory,capitalism style, but lead straight down the Road to Perdition to the Bankruptcy Court.
Harken thee: inspect the mouth of the gift horse. (translation: watch your back OSS)
Re:It's not really that surprising (Score:4, Interesting)
No. I think it this move was designed to improve Apache's security and make it a greater e-commerce tool on solaris( and unix). Sun relizes that more sun webservers use apache then Iplanet so they are donating the code to openssl since apache uses it by default. And not to just attack Microsoft. However I do question the timing since newly discovered ssl flaw recently in IIS/IE is making headline news and CIO's nervous.
Something like this may have an impact in e-commerce purchasing decisions.
Re:Great! (Score:5, Interesting)
If strong encrypted money tokens were to be implemented on a wide scale for, say, Palm PocketPC, Zaurus, and maybe a special purpose StrongARM device, you could expect to see a cheap widespread secure electronic payment mechanism that you can use for micropayments.
Aside from the novelty of buying lunch with your PDA, this could be the next step towards truly secure electronic transfers. You can say goodbye to corporate privacy violations when you can pay for your online goods with secure anonymous electronic cash.
Imagine paying your peers in a P2P system for MP3s/OGGs/whatever. Providing fat bandwidth for P2P would be a potential money-maker, not merely a labor of love. Throw in an anonymizing protocol and you're selling MP3 bandwidth online securely and untraceably; the RIAA couldn't shut you down, because there'd be no way to figure out who you were.
That's the power of widespread strong crypto, especially in small devices.
Re:Offering from large companies (Score:1, Interesting)
Sun's views their business as servers, and big iron, places where linux is not really making such strong inroads. Mega-servers are still dominated by big iron.
So, having as much client competition as possible makes sense. So, good crypto on the client increases client competition, and weakens Microsoft's hold on it.
All Sun really needs is for linux to be a serious client competitor. Then the focus shifts to the server, where Sun dominates other companies.
You could see Microsoft use this strategy when they maintained rights to DOS after licensing to IBM. They licensed DOS to all hardware manufacturers, to make them compete. Hardware became a tough business, and Microsoft got a monopoly.
Re:Offering from large companies (Score:4, Interesting)
denegrating this contribution as if it's a new position sun isn't very fair to their company or their developers.
Re:Why is this significant? (Score:3, Interesting)
ECC uses smaller keys, which is suitable for very small networked devices like network appliances, that use cheap (<$1) 8-bit microprocessors with very small amounts of NVRAM.
Is eliptic curve cryptography actually faster than RSA?
Yes, which is the major advantage over RSA, more important in most applications than the storage of smaller keys. I don't know exactly but I estimate in the area of 10 to 100 times faster for "equal" level of confidence in security.
And if it IS faster, wouldn't it be much more useful for web servers than for PDAs?
Think mobile phones, or cheap network household appliances with 8 and 16-bit microprocessors with clock speeds less than 12MHz. It also means lower power comsumption which is important for most battery powered devices.
Re:Great! (Score:3, Interesting)
not to sound bitter... (Score:2, Interesting)
My crypto lib has supported [non-P1363] ECC crypto since quite sometime now. Big deal.
http://libtomcrypt.sunsite.dk
or
http://tom.i
I use ECC in the traditional ElGamal method without standard packet formats. But the idea is the same...
Tom
License? (Score:4, Interesting)
Not such a big deal, you might say, but there are two big problems with this: 1) It's incompatible with GNU GPL, so no straight GPL software can use OpenSSL, and 2) it causes huge practical problems [gnu.org].
Theses issues are a big [debian.org] problems [debian.org] for [debian.org] Debian [debian.org], in particular.
Re:It's not really that surprising (Score:4, Interesting)
I'll probably get modded out of commision for this, but I just really get tired of misspellings.
Even though I was on the netscape side, and got laid off, I'm still loyal to iPlanet. They gave me my start in the IT world (head Sysadmin for iPlanet Learning Solutions), and I can't thank them enough for it.
Re: algorithms vs. applications (Score:2, Interesting)
Your library is nice, it is portable C with tons of algorithms implemented. Test vectors. Most algorithms even have decently optimized implementations which is a plus.
But you lack protocols which are necessary to securely implement applications.
Using 3DES or AES is stupid if the application developer uses ECB (Electronic Code Book) mode of operation because it's faster and simpler. The application developer doesn't know that you need a HMAC to ensure intergity. What about replay attacks? Cut-and-paste attack?
I don't think you even have secure message padding for RSA implementation.
You have an interesting library of algorithms, but its is AFAIK lacking the "glue" to make it more useful than OpenSSL (which is ported and tested on many platforms, and heavily optimized assembly).
So to develop secure applications I will continue to use OpenSSL rather than LibTomCrypt. It is less work for me, simple as that. If you expand your work, that will end my complaints, and we'll both be happy.
Peace.
Re: algorithms vs. applications (Score:2, Interesting)
In fact unlike the CryptLib and OpenSSL design my library is fully modular which means the OFB code for instance is not tied to one cipher. If you examine CryptLib [and from what I have seen of OpenSSL] they have implemented one OFB [etc] routine per cipher....
I agree though that protocol support is a good idea but thats not a be-all either.
Most protocols don't fully specify your PRNG/RNG source or how you should lock memory, store things on disk, etc...
In otherwords you can comply with say PKCS #1 and still have an insecure application.
Also unlike OpenSSL my library builds out of the box on virtually every GCC platform without configuration or patching. It even works on my Gameboy Advanced without changes!!!
In the long run I agree. I do plan on adding things like PKCS #1, P1363, etc... but in the short term I am more interested in getting mature, well documented primitives.
Tom