Security of Things Cloud Connectivity

[ NanoSSL™ ]

Security of Things Platform's comprehensive, standards-based SSL developers' suite, purpose-built for efficiency and high performance with support for TLS 1.2 and TLS certificate management.

Whitepaper: Can You Afford Free OpenSSL?

Problems Solved

NanoSSL's SSL/TLS (Secure Sockets Layer/Transport Layer Security) technology authenticates endpoints and encrypts channels to provide session privacy and security on the Internet. NanoSSL operates at the transport layer in the OSI stack, and provides secured data transport for applications. It supports peer negotiation for algorithm selection, public key based exchange of secret session keys and X.509 certificates. The SSL / TLS spec embodied in NanoSSL is the world's most widely-implemented security protocol. Typically, networking OEMs use SSL to provide secured management access to the devices like switches, routers, access points and modems. But with the arrival of the "Internet of Things," several new types of devices are connected to IP networks—medical equipment, industrial sensors, smart grid devices, camcorders, and many other embedded devices. All of these devices need management access to transport data securely over the unsecured Internet.

NanoSSL is the answer.

NanoSSL can help defeat eavesdropping on wired or wireless connections and can be used to deliver secured software packages from and to authenticated endpoints. Traffic protected with NanoSSL is unreadable if intercepted, and difficult to redirect with consequence, since packet payloads cannot be deciphered. 

NanoSSL's cryptography is fully FIPS 140-2 validated and fully validated binaries are available for many popular platforms. Finally, NanoSSL can be usefully applied to secure many remote access use cases.

NanoSSL provides easy to use APIs for integration with applications like web servers and browsers. Its certificate management module allows it to fetch or renew SSL certificates, check the status of SSL certificates using CRLs or to query a Certificate Authority (CA) or certificate chain.

NanoSSL is Mocana's super fast, super small SSL/TLS solution specifically designed to speed product development while providing best-in-class device security services for resource-constrained environments. NanoSSL is open-standards based, extensible, extremely small footprint, platform-agnostic and includes an optional government-certified FIPS 140-2 level-1-validated crypto core. NanoSSL includes a full-featured key generator and certificate management client, and even supports Government Suite B crypto algorithms and the new RFC standard for TLS 1.2. Best of all it's surprisingly affordable: your NanoSSL total cost of ownership will be substantially less than that of open source.


NanoSSL Benefits

Works Where Others Won't
NanoSSL fits into tiny memory footprints where other implementations simply can't... and open-source packages can't match Mocana's throughput performance.

FIPS Certified with NSA Suite B Support
All government agencies and most contractors require FIPS-certification of cryptographic engines - a difficult certification to achieve. NanoSSL's core cryptographic engine is available to you in source, or as a government-certified FIPS 140-2 Level 1 validated binary. Both source and binary versions include full support for NSA's Suite B algorithms, providing secure communications between high-assurance (classified) and basic-assurance systems.

Complete Solution
There are a lot of other SSL packages out there. But almost all of them are incomplete—missing critical standards, algorithms or code that you'll need to finish your SSL/TLS implementation. Only NanoSSL offers everything you need together in one package, to get the job done right—and fast. Guaranteed.

GPL-Free Code
NanoSSL is usually less expensive than "free" open source code, especially when engineering, testing and support costs are factored in. Since we guarantee that NanoSSL contains absolutely no GPL code, you can be confident your intellectual property won't accidentally become public domain because of "GPL contamination"— something open source projects can't do.

Platform Independent
NanoSSL, like all of Mocana's device security toolkits, is CPU-architecture and platform independent. NanoSSL is immediately available for over 35 operating systems and 70 processors. Platforms supported out-ofthe-box include Linux, Monta Vista Linux, VxWorks, OSE, Nucleus, Solaris, ThreadX, Windows, MacOS X, (ARC) MQX, pSOS, and Cygwin. NanoSSL is endian-neutral, and can be used without an RTOS if required.

No Crypto Expertise Required
NanoSSL features an extremely powerful, but simple and easy-to-use API. You don't need to be a crypto expert, because NanoSSL hides all of the complexity of the cryptography. You can focus on your development project, and let NanoSSL worry about the security. Plus Mocana's developer support team is always available to answer your questions about our products or embedded development in general.

Dramatically Speeds Your Development Cycle
NanoSSL is a ready-made, pre-optimized and exhaustively tested SSL solution that frees your in-house development resources to focus on what's really important: the functionality of your project. NanoSSL allows you to develop proprietary systems while giving you the freedom to substitute in the commercially available components you choose.