Latest Posts

• uncategorized

  Using Alternative I/O with wolfSSL Lightweight TLS

  In this past (here and here) we have written about wolfSSL’s I/O abstraction layer and support for alternative I/O mediums.  We wanted to refresh our reader’s memory about this helpful feature.  In this context, “less traditional I/O” means running SSL/TLS over something besides TCP/IP or UDP - for example Bluetooth,...

  Read more
• uncategorized

  Securing MySQL (#mysql) with wolfSSL

  MySQL (#mysql) currently comes bundled with yaSSL to provide an option for SSL/TLS connections when using a database. A patch for securing MySQL with the wolfSSL embedded TLS/SSL library is available for MySQL version 8.0.0 here https://github.com/wolfSSL/mysql-patch. Along with an increased level of security comes the potential to use progressive...

  Read more
• uncategorized

  wolfSSH v1.2.0 SSH Server Now Available

  wolfSSH v1.2.0 has dropped! We have just added support for Elliptic Curve algorithms and AES-GCM. The following key exchange and public key algorithms are now available:

  Read more
• uncategorized

  Securing SMTP with wolfSSL using STARTTLS

  STARTTLS is a way of protecting email communications from malicious users (insiders or otherwise) by upgrading a plaintext SMTP connection to one secured by SSL/TLS.  SMTP using STARTTLS allows encryption of emails in transit between email clients and servers. Without encryption email messages can easily be intercepted and read at...

  Read more
• uncategorized

  Fuzz Testing Research, Keeping up with the Times

  A recent paper titled “Exploiting Dissent: Towards Fuzzing-based Differential Black-Box Testing of TLS Implementations” was published by Axel Sikora and Andreas Walz. wolfSSL found the paper both well composed and informative. We would like to congratulate Andreas and Axel on a well composed piece of literature and we would highly...

  Read more
• uncategorized

  TLS-Attacker, making the online world a safer place!

  wolfSSL has a goal: “wolfSSL will provide the best security in the world for all to benefit”! We are very passionate about keeping our users safe and secure in an increasingly connected online world. To that end the wolfSSL product is the most thoroughly tested cryptography and TLS solution on...

  Read more
• uncategorized

  wolfSSL 3.12.2 Now Available

  wolfSSL 3.12.2 is now available for download! This release includes many performance improvements with Intel ASM (AVX/AVX2) and AES-NI. wolfSSL has implemented a new single precision math option to speed up RSA, DH and ECC in this release. Embedded hardware support has been expanded for STM32, PIC32MZ and ATECC508A, and...

  Read more
• uncategorized

  Embedded SSL/TLS in the Holiday Spirit

  Team wolfSSL is preparing for Halloween with a pumpkin carving! Our embedded security products are continually evolving. We encourage you to check our our wolfSSL embedded SSL/TLS library here, wolfMQTT, wolfSSH, or visit our product page for a complete list of lightweight Open Source security products.

  Read more
• uncategorized

  ALT_ECC_SIZE, low visibility but highly useful!

  Team wolfSSL is preparing for Halloween with a pumpkin carving! Our embedded security products are continually evolving. We encourage you to check our our wolfSSL embedded SSL/TLS library here, wolfMQTT, wolfSSH, or visit our product page for a complete list of lightweight Open Source security products. As always if you...

  Read more
• uncategorized

  Breaking Ed25519 paper using wolfSSL

  A recent paper used wolfSSL as a test bed for proving out their attack on Ed25519 signatures.  You can read the paper here: https://eprint.iacr.org/2017/985.pdf .  This was not an attack on wolfSSL itself or its implementation, but rather a differential power attack that involves SHA-512 and Ed25519.  The recommended countermeasure...

  Read more