ISARA Catalyst TLS Testbed

The ISARA Catalyst TLS library lets you establish TLS connections that will resist attacks by quantum computers. Catalyst TLS supports TLS 1.2 with the NSA Suite B cipher suites and ISARA’s modified hybrid quantum-safe Suite B cipher suites. The hybrid cipher suites use Diffie-Hellman-like variants of submissions to the NIST Post-Quantum Standardization evaluation process.

X.509 certificate-based authentication is supported for server authentication and optionally for client authentication.

The following TLS extensions are also supported:

Change Log

Testbed 0.1

Testbed 0.1 is the first version of ISARA Catalyst TLS.

Contents

Catalyst TLS is organized into several directories:

  • doc — API documentation (doc/library/index.html) and Developer’s Guide (doc/guide/guide.html).

  • include — Catalyst TLS headers.

  • one or more lib_<cpu> directories — Catalyst TLS static and shared libraries for a particular architecture.

  • samples — Sample programs demonstrating how to use Catalyst TLS.

Getting Help

The latest version of Catalyst TLS documentation is available on ISARA’s website:

For information about reporting security issues, please read the SECURITY document.

Using Catalyst TLS

After unpacking the archive, you can start using it by adding the following command-line arguments to your compiler:

-I/path/to/isara_tls/include \
-L/path/to/isara_tls/lib_cpu \
-lisara_tls -liqr_toolkit

where cpu is one of the available CPUs in your archive. For example, the linux archive includes some of these versions of the library:

  • lib_x86_64 - 64 bit AMD and Intel CPUs

  • lib_armv7l - 32 bit ARM CPUs

If you require a version of the library tuned for a specific CPU, please contact ISARA’s sales team.

Building the Samples

Note
Before building the samples, copy the CPU-specific versions of the libraries into a lib directory. For example, to build the samples for Intel 64 bit CPUs, copy the contents of lib_x86_64 into lib.

To build the samples:

cd /path/to/isara_tls/samples/sample_name
mkdir build
cd build
cmake ..
make

For more details and tool requirements, please refer to the Developer’s Guide (doc/guide/guide.html) documentation.

Note
Don’t build the samples on macOS using gcc 8, they will crash before main() due to a problem with -fstack-protector-all. Use clang to produce Mac binaries.

System Requirements

Recommended:

  • Linux (Ubuntu 16.04 LTS or newer 64 bit platforms, Raspbian 9.4 32 bit platform)

  • macOS 10.14 or newer

  • Windows 10 (64 bit platforms)

Minimum:

  • Linux (Ubuntu 14.04 LTS 64 bit platforms, Raspbian 9.4 32 bit platform)

  • macOS 10.12

  • Windows 10 (64 bit platforms)

Supported CPUs by OS:

  • Linux: x86_64, armv7l (Raspbian 9.4 on Raspberry Pi3)

  • macOS: x86_64

  • Windows: x86_64

Additional CPU-specific builds can also be created on demand; please contact ISARA’s sales team.

ISARA Catalyst TLS is licensed for use:

Copyright © 2019, ISARA Corporation, All Rights Reserved.

The code and other content set out herein is not in the public domain, is considered a trade secret and is confidential to ISARA Corporation. Use, reproduction or distribution, in whole or in part, of such code or other content is strictly prohibited except by express written permission of ISARA Corporation. Please contact ISARA Corporation at info@isara.com for more information.

ISARA Catalyst TLS contains components from mbed TLS governed by the terms of the license below:

Trademarks

ISARA Catalyst™ is a trademark of ISARA Corporation.

Sample Code License

Sample code is covered by the Apache 2.0 license:

Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at

Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.

Patent Information

Portions of this software are covered by US Patents 9,614,668, 9,660,978, 9,673,977, and 9,698,986.