= S2n-tls =

s2n-tls
- Developer: Amazon Web Services
- Author: Colm MacCárthaigh
- Operating System: Cross-platform
- Programming Language: C99
- Genre: Security library
- License: Apache License 2.0

s2n-tls, originally named s2n, is an open-source C99 implementation of the Transport Layer Security (TLS) protocol developed by Amazon Web Services (AWS) and initially released in 2015. The goal was code that is easier to review: s2n-tls is about 6,000 lines long, compared with OpenSSL's 500,000 lines, 70,000 of which are involved in processing TLS.

== History ==
s2n was first released in June 2015 on GitHub. AWS said that the name "s2n" stands for signal to noise as a nod "to the almost magical act of encryption—disguising meaningful signals, like your critical data, as seemingly random noise". In 2022 AWS renamed it from s2n to s2n-tls. It has been the subject of several external reviews as well as penetration testing. Galois, Inc. has conducted formal verification of components of s2n-tls.

In 2015, independent security researchers described a variant of the Lucky Thirteen attack against s2n, even though s2n included countermeasures intended to prevent timing attacks. In response, Amazon's s2n team said it would remove CBC-mode cipher suites and take code from BoringSSL to replace its own CBC-mode decryption. The AWS Security Blog said that the attack could not have been exploited against Amazon, AWS, or its customers, in part because the cited versions of s2n had not been used in a production environment.

In February 2017, Amazon announced that s2n was now handling 100% of SSL traffic for Amazon S3.

== Features ==

=== TLS extensions ===
Common TLS extensions supported by this software are Server Name Indication, Application-Layer Protocol Negotiation, and Online Certificate Status Protocol.

=== Cryptography ===
s2n-tls supports the main ciphers in use today, such as AES in CBC and GCM modes, 3DES, and RC4. It also provides support for perfect forward secrecy through Diffie–Hellman or Elliptic-curve Diffie–Hellman ephemeral keys.

Weaker ciphers and key exchange modes are disabled by default.

== Language bindings ==
The language bindings below were not developed by AWS:

- Lua: LuaJIT 2.0 binding
- Python: CyS2N

== See also ==

- Comparison of TLS implementations
