News

  • Home > News

        Embedded-oriented SSL, SSH suite launches

        Staff | Date: Jun 14, 2004 | Comments: 1


        Mocana Corporation has launched its embedded device security suite, which aims to bring standards-based secure communications to even the most resource-constrained embedded devices, including those running Windows Embedded. The Suite comprises an SSL/TLS server, SSL/TLS client, and SSH server, and targets networked devices of all kinds where security is paramount.



        The Suite supports a broad range of open security standards and protocols, including TLS1.0, SSLv3, SSHv2, SFTP, DH, RSA-2048, DSS, AES, Triple-DES, Blowfish, SHA-1, and MD5. The platform- and architecture- independent code supports a range of embedded OSes, including Windows CE and XP Embedded. And, the code is so lightweight, it can run on 16-bit microcontrollers in systems lacking an actual operating system, according to CTO James Blaisdell.

        Fast, lightweight, and off-the-shelf

        According to Blaisdell, the TLS client and server separately each have a firmware footprint of 50KB, and together weigh in at 60KB. The SSH server footprint is 70KB. The full suite requires about 110KB of firmware space. Additionally, the memory footprint is very small -- 14KB per connected client -- with very light stack usage between 2.5 and 3.5KB. "We run in-process, not out of process with pipes and so forth, so performance is twice as fast as most SSL/TLS stacks," Blaisdell commented.

        Mocana believes its solution to be a tremendous advantage over in-house security solutions, because it reduces the risk that developers not trained in security will introduce vulnerabilities. Additionally, the company says, it can be implemented faster and is smaller and quicker than hacked versions of non-embedded-specific open source security programs. Unlike OpenSSL and OpenSSH, Mocana's Suite was built from the ground up for embedded use, the company says.


        Mocana SSL Server architecture


        Additionally, the Suite can support hardware security acceleration in Broadcom, FreeScale, and other chips. Example code for "a growing number" of security processors and co-processors is included with the Suite, according to Mocana.

        Early customers

        Mocana says that its Suite has already been used extensively by customers during the two years the company has been in business. "We already have repeat customers," says CEO Adrian Turner, citing Nortel, where three separate groups have deployed the Suite.

        Additionally, says Turner, the company has received government clearance to supply its technology outside the U.S.

        "We've developed a complete security solution that enterprise developers can simply drop into embedded devices to secure communications," Turner says.

        Turner adds that Mocana is self-funded, and profitable based on closed sales. He declined to specify the size of the company, but called its relatively large size a competitive advantage. The company is based in Menlo Park, Calif.

        Availability

        The Mocana Suite is available immediately, priced at $7,500 each for the SSL client and server, and $6,500 for the SSH server, with bundle pricing available. It is delivered as source code, and is licensed royalty-free. Binary versions are available for free evaluation, after registration, from the Mocana Website. The company also has a source code evaluation program.

        Mocana will hold a series of Webinars discussing the security needs of embedded devices, beginning June 17.


        Related Stories: