MatrixSSL

MatrixSSL

Developer(s)	PeerSec Networks,[1] acquired by INSIDE Secure Corp.
Initial release	January 25, 2004 (2004-01-25)
Stable release	4.2.2 (September 11, 2019; 4 years ago (2019-09-11) [2]) [±]
Repository	github.com/matrixssl/matrixssl
Written in	C
Operating system	Multi-platform
Type	Security library
License	dual GPLv2 or proprietary
Website	www.matrixssl.org

MatrixSSL is an open-source TLS/SSL implementation designed for custom applications in embedded hardware environments.^[3][4][5]

The MatrixSSL library contains a full cryptographic software module that includes industry-standard public key and symmetric key algorithms. It is now called the GUARD TLS Toolkit.^[6]

Features

Features:^[7]

• Protocol versions
  • SSL 3.0
  • TLS 1.0
  • TLS 1.1
  • TLS 1.2
  • TLS 1.3
  • DTLS 1.0
  • DTLS 1.2
• Public key algorithms
  • RSA
  • Elliptic curve cryptography
  • Diffie–Hellman
• Symmetric key algorithms
  • AES
  • AES-GCM
  • Triple DES
  • ChaCha
  • ARC4
  • SEED
• Supported cipher suites
  • TLS_AES_128_GCM_SHA256 (TLS 1.3)
  • TLS_AES_256_GCM_SHA384 (TLS 1.3)
  • TLS_CHACHA20_POLY1305_SHA256 (TLS 1.3)
  • TLS_DHE_RSA_WITH_AES_128_CBC_SHA
  • TLS_DHE_RSA_WITH_AES_256_CBC_SHA
  • TLS_DHE_RSA_WITH_AES_128_CBC_SHA256
  • TLS_DHE_RSA_WITH_AES_256_CBC_SHA256
  • SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA
  • TLS_RSA_WITH_SEED_CBC_SHA
  • TLS_DHE_PSK_WITH_AES_128_CBC_SHA
  • TLS_DHE_PSK_WITH_AES_256_CBC_SHA
  • TLS_PSK_WITH_AES_128_CBC_SHA
  • TLS_PSK_WITH_AES_256_CBC_SHA
  • TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA
  • TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA
  • TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
  • TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
  • TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
  • TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
  • TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256
  • TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA256
  • TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
  • TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
  • TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA
  • TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA
  • TLS_ECDH_RSA_WITH_AES_128_CBC_SHA
  • TLS_ECDH_RSA_WITH_AES_256_CBC_SHA
  • TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256
  • TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256
  • TLS_RSA_WITH_AES_128_CBC_SHA
  • TLS_RSA_WITH_AES_256_CBC_SHA
  • TLS_RSA_WITH_AES_128_CBC_SHA256
  • TLS_RSA_WITH_AES_256_CBC_SHA256
  • TLS_RSA_WITH_AES_128_GCM_SHA256
  • TLS_RSA_WITH_AES_256_GCM_SHA384
  • SSL_RSA_WITH_3DES_EDE_CBC_SHA
  • SSL_RSA_WITH_RC4_128_SHA
  • SSL_RSA_WITH_RC4_128_MD5
  • TLS_DH_anon_WITH_AES_128_CBC_SHA
  • TLS_DH_anon_WITH_AES_256_CBC_SHA
  • SSL_DH_anon_WITH_3DES_EDE_CBC_SHA
  • SSL_DH_anon_WITH_RC4_128_MD5
• Client authentication
• Secure Renegotiation
• Standard Session Resumption
• Stateless Session Resumption
• Transport independent
• PKCS#1 and PKCS#8 key parsing
• False Start
• Max Fragment Length extension
• Optional PKCS#11 Crypto Interface

Major Releases

Version[8]	Date
4.0.0	Sep 2018
3.9.0	Mar 2017
3.8.3	Apr 2016
3.7.1	Dec 2014
3.6	Apr 2014
3.4	Jan 2013
3.3	Feb 2012
3.2	Jun 2011
3.1	Mar 2010
3.0	Aug 2009
2.2	Jan 2008
2.1	Nov 2005
1.7	Apr 2005
1.1	May 2004
1.0	Jan 2004

See also

• Comparison of TLS implementations
• GnuTLS
• wolfSSL

External links

• Official website
• Inside Secure website

References

1. PeerSec Networks
2. "MatrixSSL 4.2.2 Open release". 2019-09-11. Retrieved 2020-03-20.
3. "Evaluating PeerSec Networks' MatrixSSL on a Stellaris® Microcontroller" (PDF). Texas Instruments. 2009-06-24. Retrieved 2014-08-13.
4. Eronen, Pasi (2006-11-09). "TLS Record Layer Bugs". IETF67 TLS WG. Retrieved 2014-08-13.
5. Young, Craig (2016-10-10). "Flawed MatrixSSL Code Highlights Need for Better IoT Update Practices". tripwire.com. Tripwire, Inc. Retrieved 2017-11-17.
6. "GUARD TLS-TK, a compact TLS/DTLS stack for embedded security". Retrieved 2017-11-17.
7. "MatrixSSL Documentation". Retrieved 2014-08-13.
8. "MatrixSSL Release Notes".