Latest Posts

  • uncategorized

    wolfCrypt Receives FIPS 140-2 Certificate #2425

    The Cryptographic Module Validation Program (CMVP) has issued FIPS 140-2 Certificate #2425 (most up-to-date certificate: #3389) for the wolfCrypt Module developed by wolfSSL Inc. The CMVP was established by the National Institute of Standards and Technology (NIST) to validate FIPS 140-2 cryptographic modules and oversee the independent laboratories performing the...
  • uncategorized

    Using a Custom Logging Function with wolfSSL

    If you are working on integrating wolfSSL into an application that already has existing logging functionality, but still want access to wolfSSL's built-in debug messaging, you can register a custom logging callback with wolfSSL to output wolfSSL's detailed debug messaging. To enable this functionality, add the configure option "--enable-debug" to wolfSSL. Then,...
  • uncategorized

    Speed Up Development: Code Composer Studio with TI-RTOS and wolfSSL

    Thanks to the continued efforts of the Texas Instruments Team, there is now a Wiki Page for using the wolfSSL embedded SSL/TLS library with TI-RTOS. Using wolfSSL with TI-RTOS (PDF). Members of the wolfSSL team have worked through this wiki and created a step-by-step guide for customers unfamiliar with Code Composer Studio...
  • uncategorized

    Fixed Point ECC with wolfSSL Embedded SSL/TLS

    On applications using ECC with wolfSSL where total memory footprint is a secondary factor to performance, consider enabling fixed point ECC with wolfSSL. This configure option generates a large lookup table for use with ECC that can increase performance by as much as 5 times. This comes at the...
  • uncategorized

    wolfSSL Not Vulnerable to Pandora’s Box Attack

    Researchers Clemens Hlauschek, Markus Gruber, Florian Fankhauser, and Christian Schanes of Germany's Research Industrial Systems Engineering are presenting a TLS Man in the Middle attack at this week's USENIX conference in Washington, D.C.: https://www.usenix.org/system/files/conference/woot15/woot15-paper-hlauschek.pdf . This is a protocol level attack that has a few requirements: a static (EC)DH cipher...
  • uncategorized

    wolfCrypt now Supports Secure Remote Password

    We are pleased to announce that wolfCrypt now has support for SRP6a (Secure Remote Password Protocol version 6a). SRP, designed by Thomas Wu at the Computer Science Department of Stanford University, is a password authentication and key-exchange protocol suitable for authenticating users and exchanging keys over an untrusted network. The...
  • uncategorized

    Testing wolfSSL with Infer, Facebook's new Static Analyzer

    On Thursday, June 11th, Facebook open-sourced a new software development tool called Infer, a next-generation static analyzer. Static analysis is the process of using a tool to scan for bugs in source code without actually running a program. Infer has the ability to detect null pointer access errors, as well...
  • uncategorized

    A Comparison of Differences in TLS 1.1 and TLS 1.2

    As stated in the TLS 1.1 and 1.2 protocol definitions (RFC 4346, RFC 5246), “The primary goal of the TLS protocol is to provide privacy and data integrity between two communicating applications.” TLS 1.2 is an improvement to the TLS 1.1 standard, but how exactly do they differ? What was...
  • uncategorized

    Quantum-Safe wolfSSL

    wolfSSL, in partnership with Security Innovation, has added support for the proposed “Quantum-safe hybrid” cipher suite. Having this cipher suite supported in the wolfSSL embedded TLS library allows two parties to use any existing cipher suite and “quantum-safe” any traffic protected by that cipher suite. This means that an attacker who records the traffic and...
  • uncategorized

    wolfSSL Max Strength Build

    wolfSSL (formerly CyaSSL) recently added a build option called “Max Strength”. This build option forces most cipher suites to be disabled at compile time to prevent their accidental use during run time. Options such as MD5, 3DES, and ARC4 are left out of the build completely. The cipher suites that...