|
|
Home > Products > NanoSSL
Features
Benefits
Architecture
SSL/TLS (Secure Sockets Layer/Transport Layer Security) authenticates endpoints and encrypts channels to provide session privacy and security on the Internet. The standard operates at a higher level in the OSI stack than IPsec, and supports peer negotiation for algorithm selection, public key based exchange of secret session keys and X.509 certificates. SSL / TLS is the world's most widely-implemented security protocol, and it's essential for electronic commerce. TLS is increasingly used for proxies, redirect servers and registrars to protect SIP signaling in VoIP environments.
Unfortunately, most SSL/TLS packages are designed for PC's, not embedded devices. That means that they can be somewhat unwieldy in memory-constrained device environments... and the performance of typical commercial or open-source SSL offerings can be pretty disappointing, as well. On a PC, "big and slow" is no big deal. On a small connected device, though, open-source SSL packages simply won't fit in the memory allocated — or they'll burn through battery power so fast that it won't make any difference if they had.
NanoSSL™ is the answer.
NanoSSL is Mocana's super fast, super small SSL/TLS solution specifically designed to speed product development while providing best-in-class device security services for resource-constrained environments. And it's surprisingly affordable: your NanoSSL total cost of ownership will usually be substantially less expensive than open source. (Try our "build vs. buy" calculator, here.)
NanoSSL™ Features
Mocana's NanoSSL™ is an standards-based full featured and RFC-compliant SSL/TLS client/server toolkit. NanoSSL is easy to use, uniquely architected with an asynchronous core to fully leverage hardware acceleration, is extremely portable and has an incredibly small memory footprint. It is ideally suited to securing voice, video and data communications.
 |
NanoSSL™ is among the smallest, fastest,
best-supported SSL implementations on the market. |
Very High Performance
NanoSSL, like all of Mocana's device security solutions, is designed with an asynchronous core to fully leverage hardware acceleration. NanoSSL throughput typically outperforms open source SSL packages by a factor of 4x or better, depending on the platform.
Ultra-Small Size
Optimized for size and memory usage, the NanoSSL client and server has been specifically designed and written to operate on resource-constrained devices, requiring as little as 50KB ROM each. This is less than one-fifth the size of the typical SSL client.
Full (not partial) IETF RFC Compliance:
- RFC-2246, TLS Protocol Version 1.0
- RFC-3268, AES Ciphersuites for Transport Layer Security
- RFC-3280, Internet X.509 Public Key Infrastructure
- RFC-3546, Transport Layer Security Extensions (partially supported)
- RFC-4279, Pre-Shared Key Ciphersuites for Transport Layer Security
- RFC 4346, TLS 1.1
Extra-Flexible SSLv3 and TLS 1.0 Cipher Support
- TLS-RSA-WITH-AES-256-CBC-SHA
- TLS-RSA-WITH-AES-128-CBC-SHA
- TLS-RSA-WITH-ARCFOUR-128-MD5
- TLS-RSA-WITH-ARCFOUR -128-SHA
- TLS-RSA-WITH-3DES-EDE-CBC-SHA
- TLS-RSA-WITH-DES-CBC-SHA
- TLS-DHE-RSA-WITH-AES-256-CBC-SHA
- TLS-DHE-RSA-WITH-AES-128-CBC-SHA
- TLS-DHE-RSA-WITH-3DES-EDE-CBC-SHA
- TLS-DHE-RSA-WITH-DES-CBC-SHA
- TLS-DH-ANON-WITH-AES-256-CBC-SHA
- TLS-DH-ANON-WITH-AES-128-CBC-SHA
- TLS-DH-ANON-WITH-ARCFOUR -128-MD5
- TLS-DH-ANON-WITH-3DES-EDE-CBC-SHA
- TLS-DH-ANON-WITH-DES-CBC-SHA
- TLS-PSK-WITH-AES-256-CBC-SHA
- TLS-PSK-WITH-AES-128-CBC-SHA
- TLS-PSK-WITH-ARCFOUR-128-SHA
- TLS-PSK-WITH-3DES-EDE-CBC-SHA
- TLS-RSA-PSK-WITH-AES-256-CBC-SHA
- TLS-RSA-PSK-WITH-AES-128-CBC-SHA
- TLS-RSA-PSK-WITH-ARCFOUR-128-SHA
- TLS-RSA-PSK-WITH-3DES-EDE-CBC-SHA
- TLS-DHE-PSK-WITH-AES-256-CBC-SHA
- TLS-DHE-PSK-WITH-AES-128-CBC-SHA
- TLS-DHE-PSK-WITH-ARCFOUR-CBC-SHA
- TLS-DHE-PSK-WITH-3DES-EDE-CBC-SHA
- TLS-RSA-WITH-NULL-SHA
- TLS-RSA-WITH-NULL-MD5
Rich Cryptography Algorithm & Construct Support
- DES
- 3DES
- AES
- ARCFOUR
- Diffie-Hellman
- RSA
- PKCS #1, Version 1.5
- PKCS #5
- PKCS #7
- PKCS #8
- PKCS #10
- PKCS #12
- MD2
- MD4
- MD5
- SHA1
- SHA-224
- SHA-256
- SHA-384
- SHA-512
NanoSSL™ Benefits
Works Where Others Won't
NanoSSL fits into the smallest memory crannies where other SSL implementation simply can't... and open-source implementations can't hold a candle to NanoSSL's throughput performance.
Platform Independent
NanoSSL, like all of Mocana's device security toolkits, is CPU-architecture and platform independent. NanoSSL is immediately available for over 1000 processor/OS combinations, and ports to new platforms can typically be completed in 2 hours. Platforms supported out-of-the-box include Linux, Monta Vista Linux, VxWorks, OSE, Nucleus, Solaris, ThreadX, Windows, MacOS X, (ARC) MQX, pSOS, and Cygwin. NanoSSL is endian-neutral, and can be used without an RTOS if required.
No Crypto Expertise Required
NanoSSL features an extremely powerful, but simple and easy-to-use API. That's because we built it for ease-of-use and ease of integration from the ground up. You don't need to be a crypto expert, because NanoSSL hides all of the complexity of the cryptography. You can focus on your development project, and let NanoSSL worry about the security. Plus Mocana's developer support team is always available to answer your questions about crypto, our toolkits, or embedded development in general.
Dramatically Speeds Your Development Cycle
NanoSSL is a ready-made, pre-optimized and exhaustively tested SSL solution that frees your in-house development resources to focus on what's really important: the functionality of your project. NanoSSL's advanced, well-documented APIs speed development & integration efforts and significantly ease customization. NanoSSL allows you to develop proprietary systems while giving you the freedom to substitute in the commercially-available components you choose. As always, Mocana's developer support team is available 24/7/365 to help you anytime.
Less Expensive than OpenSSL
While open source SSL implementations are "free", they usually end up costing a lot more than Mocana NanoSSL. Click here for our free "build vs. buy" calculator. Or here for a free source code evaluation of NanoSSL and a quote.
NanoSSL Architecture
NanoSSL Architecture
Other Mocana Solutions
In addition to our NanoSSL security solution, Mocana also develops an embedded IPsec client and server (NanoSec), a RADIUS client (NanoRADIUS), an embedded SSH (NanoSSH) and an EAP/802.1X wireless solution including wireless supplicants (NanoEAP). All Mocana's solutions are among the very smallest and fastest protocol implementations on the market. Mocana solutions have an asynchronous core to fully leverage hardware acceleration and are developed with ease of use and performance in mind. All come with Mocana's comprehensive support and maintenance and are available either individually or as a bundle as part of the Mocana Device Security Framework.
|
 |
