Slashdot Mirror


LibreSSL 2.2.2 Released

An anonymous reader writes: LibreSSL 2.2.2 has been released. According to the release notes: "This release marks the end of the OpenBSD 5.8 development cycle, featuring expanded portable build support, code improvements, removal of obsolete workarounds. ... The LibreSSL project continues improvement of the codebase to reflect modern, safe programming practices. We welcome feedback and improvements from the broader community. Thanks to all of the contributors who helped make this release possible." This is the first LibreSSL release that has completely removed SSLv3 support.

33 comments

  1. Is it FIPS certified? by sinij · · Score: 4, Interesting

    It is about time we get a viable alternative to OpenSSL. Unfortunately, LibreSSL is not FIPS certified, and as such won't be used for government-facing projects. This means as a system integrator I have a choice - use OpenSSL (and private label certify it) and be able to sell my product to industry and government clients, or use LibreSSL and only be able to sell to industry clients.

    1. Re:Is it FIPS certified? by Anonymous Coward · · Score: 3, Insightful

      I'm no expert, but didn't LibreSSL remove support for some algorithms mandated by FIPS that are known to be insecure? I could be wrong, but I have the impression that it can't be certified because the standard itself is compromised.

    2. Re:Is it FIPS certified? by Christian+Smith · · Score: 2

      > I'm no expert, but didn't LibreSSL remove support for some algorithms mandated by FIPS that are known to be insecure? I could be wrong, but I have the impression that it can't be certified because the standard itself is compromised.

      As I understand it, FIPS dictates that if encryption is used, the encryption used must be FIPS certified. If they remove cipher X, then clearly you're not using cipher X and it doesn't need to be FIPS certified. I don't think FIPS dictates the list of required available ciphers, just the list of allowed ciphers.

      I reserve the right to be wrong and corrected, mind.

    3. Re:Is it FIPS certified? by sinij · · Score: 3, Interesting

      You are probably thinking about Dual_EC_DRBG; support for it has been removed by NIST since 2013.

      Generally, FIPS certification would only include things you do, and mandate how to do them. For example, if you implement AES256-GCM, you will have to demonstrate that it is implemented according to the standard - NIST SP 800-38D, but you don't have to implement it.

    4. Re:Is it FIPS certified? by kriston · · Score: 5, Informative

      We have a viable alternative. It's called NSS from Mozilla, and it's free of all patent encumbrances that have plagued LibreSSL/OpenSSL/SSLeay to this day. It also offers FIPS compliance.

      https://wiki.mozilla.org/NSS

      --

      Kriston

    5. Re:Is it FIPS certified? by Anonymous Coward · · Score: 1

      OpenBSD has already said they aren't going to pay for FIPS certification. The developers have no interest. However, that does not stop interested parties from working together to fund a FIPS certification project for LibreSSL. I nominate you to start it, since you want it so badly.

    6. Re:Is it FIPS certified? by Anonymous Coward · · Score: 1

      No, it isn't, and it probably never will be. They've already said that they're not going to bother with pointless box-ticking exercises in security theater like FIPS.

    7. Re:Is it FIPS certified? by Anonymous Coward · · Score: 0

      > I reserve the right to be wrong and corrected, mind.

      So say we all.

    8. Re:Is it FIPS certified? by Anonymous Coward · · Score: 2, Informative

      You are correct. You may not include a disallowed cipher suite, but you are free to omit any you desire if you feel them to be insecure.

    9. Re:Is it FIPS certified? by sinij · · Score: 2

      I am not going to argue the "pointless box-ticking exercises" point, but without FIPS certification LibreSSL adoption will always be limited.

      As an analogy, let's say you discovered a cure for cancer that can be made at home from $5 worth of household supplies. Until you get it FDA approved, people would still die from cancer.

    10. Re:Is it FIPS certified? by jandrese · · Score: 3, Informative

      The OpenBSD guys don't care about FIPS, but if someone else does they're more than welcome to take the LibreSSL code and run it through the FIPS process. The OpenBSD team has already said that they think FIPS does more harm than good, because it locks you into exactly one version of the library which makes it difficult to apply fixes without breaking the certification. People want FIPS certification to mean "this has been proven safe", but that's not true and is impossible for non-trivial projects.

      --

      I read the internet for the articles.

    11. Re:Is it FIPS certified? by sinij · · Score: 2

      It is all but impossible for an "interested party" to do this without the support of the developers. You need to have at least two participants - a lab and a sponsor. The lab can only test and report; the sponsor has to develop evidence, run test vectors and so on. Even if you could find a lab that would agree to do it for free, you still have to have someone create test harnesses, write docs and so on.

    12. Re:Is it FIPS certified? by nsuccorso · · Score: 2

      Clue meter reading zero, sir. No outward signs of intelligence.

    13. Re:Is it FIPS certified? by QuietLagoon · · Score: 1

      FIPS is the easy way for governments to instill and enforce false security. That's why governments love^H^H^H^Hrequire it.

    14. Re:Is it FIPS certified? by Anonymous Coward · · Score: 2, Informative

      pfft. One of the complaints about openssl was that it tacked on code just to gain FIPS certification. So it gets certified, but now is still loaded with obsolete, insecure cruft that makes it less secure and vulnerable to attacks. In which case, its FIPS certification status is meaningless in terms of providing real security.

    15. Re:Is it FIPS certified? by sinij · · Score: 2

      I disagree. FIPS's main goal is to keep people from making preventable mistakes by home-cooking crypto primitives. This was a big issue during the early 90s. In this regard - NIST succeeded. We now have open standards, reference implementations, and openly available testing tools. You could even argue that the FIPS program succeeded to the point of becoming irrelevant. For example, hardly anyone gets AES wrong these days. Do you think for a moment that if NIST were to go away and stop supporting FIPS, big corps like RSA Security wouldn't crawl back and try to lock everything down as proprietary? Imagine having to pay royalties for implementing TLS 3.0, and imagine what that would do to Open Source.

    16. Re:Is it FIPS certified? by Anonymous Coward · · Score: 0

      You are part of the problem. If the world simply said the OpenBSD LibreSSL was good (which it is) then things would change.

    17. Re:Is it FIPS certified? by QuietLagoon · · Score: 2

      > ...FIPS's main goal is to keep people from making preventable mistakes by home-cooking crypto primitives. ...

      The main goal of FIPS should be secure systems in today's dynamic security environment. Note the word "dynamic". Can FIPS move quickly enough?

    18. Re:Is it FIPS certified? by steelfood · · Score: 1

      And you know what, if government red tape and paranoia against the people it was meant to serve has caused the government's systems to be more vulnerable to hackers from abroad, they got what was coming to them.

      I feel bad for the government employees who had their personal information compromised. I don't feel bad for having official correspondences and documents that otherwise would be encrypted exposed due to security holes.

      If the government wants their systems secure, they're going to have to work to make sure everybody's systems are secure.

      Of course, for those who don't know what I'm talking about, it's with regards to the NSA sabotaging standards and causing software bloat that results in unintended security holes (e.g. heartbleed).

      --
      "If a nation expects to be ignorant and free in a state of civilization, it expects what never was and never will be."

    19. Re:Is it FIPS certified? by slashdice · · Score: 2

      > you still have to have someone create test harnesses, write docs and so on.

      Right, someone like... an "interested party".

      --
      Copyright (c) 1990 - 2014 Dice. All rights reserved. Use of this comment is subject to certain Terms and Conditions.

    20. Re:Is it FIPS certified? by twistedcubic · · Score: 1

      LibreSSL is intentionally not FIPS certified. I imagine they're more concerned about security in a real sense, than a not exactly optimal government standard.

    21. Re:Is it FIPS certified? by Anonymous Coward · · Score: 0

      > FIPS's main goal is to keep people from making preventable mistakes by home-cooking crypto primitives. This was a big issue during the early 90s.

      That's quite some bullshit here. I take it you're too young to actually have dealt with encryption at that time, or otherwise I don't understand this silly comment. We're speaking about times when the Clipper chip was proposed, intentionally flawed cell phone encryption standards were implemented, companies like Crypto AG included backdoors, and cryptography and its export were severely restricted and even outlawed in some countries. Of course, some "homebrewed" encryption had flaws then, but the common flaws and big disasters of this time were those created by so-called 'security professionals'. And if you have flawed standards and intentional backdoors, no amount of FIPS certification will make the product secure...

    22. Re:Is it FIPS certified? by QuietLagoon · · Score: 1

      > ...the common flaws and big disasters of this time were those created by so-called 'security professionals'...

      Watching the OpenSSL fiasco unfold, what it looked like to me was that the OpenSSL project was all but taken over by some "security professionals" who were determined to continue sucking at the teat of FIPS consulting work.

      They had no incentive to make OpenSSL secure, the only incentive they did have was to make OpenSSL complicated enough so that FIPS consultants were needed in order to gain FIPS certification.

    23. Re:Is it FIPS certified? by Anonymous Coward · · Score: 1

      What scares me is the number of OTHER libraries out there like this. Basically 'maintenance only'. Where the maintenance is just enough to get their next project done. We have built thousands of these little critters into our infrastructure that have not seen updates in years. The cleanup the LibreSSL guys are doing is basically dragging a project from 1992 into 2015. Using modern C constructs and a modern CRT. Throwing out CRT hacks that were needed because some platform had a crap CRT.

      How many other projects out there could benefit from a similar scrub down? Many of these projects have makefiles for compiler chains that no one sells anymore for operating systems all but a handful of people used in the first place or EOL for well over a decade.

    24. Re:Is it FIPS certified? by Anonymous Coward · · Score: 0

      until mozilla buttfucks some advertising into it

    25. Re:Is it FIPS certified? by Anonymous Coward · · Score: 0

      The problem with NSS is that it's licensed under the Mozilla Public License, which is more complex / less free than the BSD/MIT-type licenses the BSD projects hope for.

      OpenSSL is the only SSL implementation that I know of that's released under a permissive BSD license.

    26. Re:Is it FIPS certified? by arglebargle_xiv · · Score: 1

      Non-FIPS-140 compliance is a feature, not a bug. FIPS 140 compliance means you've hacked your code to meet a long checklist of somewhat arbitrarily-chosen requirements, of which the majority don't make things any better (unless you had a really crappy product to start with), or even any sense in some cases, and some which make things a lot worse (e.g. mandated removal of fork-protection for the CSPRNG).

      So if you want a secure alternative to OpenSSL, use LibreSSL. If you want braindead checkbox compliance and FIPS-mandated security vulns, use OpenSSL.
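The fork-protection point in the comment above, demonstrated by an added example (not LibreSSL's code): a toy, non-cryptographic generator stands in for the DRBG to show that a child process inherits the parent's generator state across fork() and, without a pid check and reseed, emits exactly the same output as the parent. It assumes a POSIX system with /dev/urandom; the xorshift generator, the `fork_collision` helper and its names are constructed for this illustration.

```c
#include <stdint.h>
#include <fcntl.h>
#include <unistd.h>
#include <sys/wait.h>
/* Toy generator state (xorshift, NOT cryptographic) standing in for the
 * DRBG; fork() copies it into the child like any other memory. */
static uint64_t rng_state;
static pid_t rng_owner_pid;        /* pid of the process that seeded it */

static uint64_t toy_next(void) {   /* a real DRBG would use a cipher/hash */
    rng_state ^= rng_state << 13;
    rng_state ^= rng_state >> 7;
    rng_state ^= rng_state << 17;
    return rng_state;
}
/* Seed from the kernel and record which process owns the state. */
static void rng_reseed(void) {
    int fd = open("/dev/urandom", O_RDONLY);
    if (fd < 0 || read(fd, &rng_state, 8) != 8)
        rng_state = 0x9e3779b97f4a7c15ULL ^ (uint64_t)getpid(); /* weak fallback */
    if (fd >= 0) close(fd);
    rng_state |= 1;                /* xorshift must never be all-zero */
    rng_owner_pid = getpid();
}
/* guarded != 0: reseed when this pid is not the one that seeded the state.
 * LibreSSL's arc4random does this; OpenBSD also maps the state with
 * minherit(MAP_INHERIT_ZERO), since a pid check alone is fooled by pid reuse. */
static uint64_t rng_next(int guarded) {
    if (guarded && getpid() != rng_owner_pid)
        rng_reseed();
    return toy_next();
}
/* Seed, fork, draw one value in each process and compare them.
 * Returns 1 if parent and child got the same value, 0 if not, -1 on error. */
int fork_collision(int guarded) {
    int p[2];
    uint64_t parent_v, child_v;
    if (pipe(p) != 0) return -1;
    rng_reseed();
    pid_t pid = fork();
    if (pid < 0) return -1;
    if (pid == 0) {                /* child: report its value to the parent */
        uint64_t v = rng_next(guarded);
        _exit(write(p[1], &v, sizeof v) == (ssize_t)sizeof v ? 0 : 1);
    }
    parent_v = rng_next(guarded);
    if (read(p[0], &child_v, sizeof child_v) != (ssize_t)sizeof child_v) return -1;
    waitpid(pid, NULL, 0);
    close(p[0]); close(p[1]);
    return parent_v == child_v;
}
```

`fork_collision(0)` returns 1 (identical output in both processes); `fork_collision(1)` returns 0 because the child detects the new pid and reseeds.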

    27. Re:Is it FIPS certified? by colekane7745 · · Score: 1

      I heard about it almost a year ago when I was in Poland. I remember I took a transfer from Krakow airport to the city center, and there in Krakow I participated in a very interesting conference organized annually in July.

    28. Re:Is it FIPS certified? by kriston · · Score: 1

      OpenSSL does have a permissive license, but several of the algorithms are inappropriately and probably illegally included in that "license" because they aren't legitimate implementations, like IDEA, RC4 (arcfour), and RC6.

      --

      Kriston

  2. LibreTLS by Anonymous Coward · · Score: 1

    since they're updating the whole code and project to the modern century (and even removing SSLv3), shouldn't they really be calling the project LibreTLS?