MatrixSSL explained

MatrixSSL is an open-source TLS/SSL implementation designed for custom applications in embedded hardware environments.^{[1] [2] [3]}

The MatrixSSL library contains a full cryptographic software module that includes industry-standard public key and symmetric key algorithms. It is now called the Inside Secure TLS Toolkit.^[4]

Features

Features:^[5]

• Protocol versions
  • SSL 3.0
  • TLS 1.0
  • TLS 1.1
  • TLS 1.2
  • TLS 1.3
  • DTLS 1.0
  • DTLS 1.2
• Public key algorithms
  • RSA
  • Elliptic curve cryptography
  • Diffie–Hellman
• Symmetric key algorithms
  • AES
  • AES-GCM
  • Triple DES
  • ChaCha
  • ARC4
  • SEED
• Supported cipher suites
  • TLS_AES_128_GCM_SHA256 (TLS 1.3)
  • TLS_AES_256_GCM_SHA384 (TLS 1.3)
  • TLS_CHACHA20_POLY1305_SHA256 (TLS 1.3)
  • TLS_DHE_RSA_WITH_AES_128_CBC_SHA
  • TLS_DHE_RSA_WITH_AES_256_CBC_SHA
  • TLS_DHE_RSA_WITH_AES_128_CBC_SHA256
  • TLS_DHE_RSA_WITH_AES_256_CBC_SHA256
  • SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA
  • TLS_RSA_WITH_SEED_CBC_SHA
  • TLS_DHE_PSK_WITH_AES_128_CBC_SHA
  • TLS_DHE_PSK_WITH_AES_256_CBC_SHA
  • TLS_PSK_WITH_AES_128_CBC_SHA
  • TLS_PSK_WITH_AES_256_CBC_SHA
  • TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA
  • TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA
  • TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
  • TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
  • TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
  • TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
  • TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256
  • TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA256
  • TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
  • TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
  • TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA
  • TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA
  • TLS_ECDH_RSA_WITH_AES_128_CBC_SHA
  • TLS_ECDH_RSA_WITH_AES_256_CBC_SHA
  • TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256
  • TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256
  • TLS_RSA_WITH_AES_128_CBC_SHA
  • TLS_RSA_WITH_AES_256_CBC_SHA
  • TLS_RSA_WITH_AES_128_CBC_SHA256
  • TLS_RSA_WITH_AES_256_CBC_SHA256
  • TLS_RSA_WITH_AES_128_GCM_SHA256
  • TLS_RSA_WITH_AES_256_GCM_SHA384
  • SSL_RSA_WITH_3DES_EDE_CBC_SHA
  • SSL_RSA_WITH_RC4_128_SHA
  • SSL_RSA_WITH_RC4_128_MD5
  • TLS_DH_anon_WITH_AES_128_CBC_SHA
  • TLS_DH_anon_WITH_AES_256_CBC_SHA
  • SSL_DH_anon_WITH_3DES_EDE_CBC_SHA
  • SSL_DH_anon_WITH_RC4_128_MD5
• Client authentication
• Secure Renegotiation
• Standard Session Resumption
• Stateless Session Resumption
• Transport independent
• PKCS#1 and PKCS#8 key parsing
• False Start
• Max Fragment Length extension
• Optional PKCS#11 Crypto Interface

Major Releases

Version[6]	Date
4.0.0	Sep 2018
3.9.0	Mar 2017
3.8.3	Apr 2016
3.7.1	Dec 2014
3.6	Apr 2014
3.4	Jan 2013
3.3	Feb 2012
3.2	Jun 2011
3.1	Mar 2010
3.0	Aug 2009
2.2	Jan 2008
2.1	Nov 2005
1.7	Apr 2005
1.1	May 2004
1.0	Jan 2004

See also

• Comparison of TLS implementations
• GnuTLS
• wolfSSL

External links

• • Inside Secure website

Notes and References

1. Web site: Evaluating PeerSec Networks' MatrixSSL on a Stellaris® Microcontroller. 2009-06-24. Texas Instruments. 2014-08-13.
2. Web site: TLS Record Layer Bugs. Pasi. Eronen. 2006-11-09. IETF67 TLS WG. 2014-08-13.
3. Web site: Flawed MatrixSSL Code Highlights Need for Better IoT Update Practices . Young . Craig . 2016-10-10 . tripwire.com . Tripwire, Inc. . 2017-11-17.
4. Web site: Inside Secure TLS Toolkit. 2020-06-30.
5. Web site: MatrixSSL Documentation. 2014-08-13. https://web.archive.org/web/20140814231731/http://www.matrixssl.org/docs.html. 2014-08-14. dead.
6. Web site: MatrixSSL Release Notes. GitHub.