Latest Posts

  • uncategorized

    Using the MIT Kerberos GSS-API with wolfSSL on Android

    wolfssladmin
    Are you interested on using the GSS-API with Kerberos on Android? If so, you’ll be happy to hear about wolfSSL’s port of the MIT GSS-API library to Android platform - complete with an org.ietf.jgss (RFC 5653) compatible application programming interface, CyaSSL cryptography integration, and NDK sample application.You may have read...
    Read more
  • uncategorized

    More Dual_EC_DRBG News

    wolfssladmin
    It was reported yesterday in The Guardian and elsewhere that the NSA paid RSA $10M to set Dual_EC_DRBG as their default PRNG.  See the news here:  http://www.theguardian.com/world/2013/dec/20/nsa-internet-security-rsa-secret-10m-encryption.  As we have previously stated, we never implemented Dual_EC_DRBG in any of our products, much less set it as default, because of its...
    Read more
  • uncategorized

    SSL/TLS and Cryptography Benchmarks

    wolfssladmin
    Some of our users have been wondering if we were doing benchmarks of our SSL and cryptography performance.  Here are the results we have gathered so far: wolfSSL / CTaoCrypt Benchmarking.Let us know if we should do a different kind of benchmark at facts@wolfssl.com
    Read more
  • uncategorized

    Assembly Optimizations Available in wolfSSL for ARM Processors

    wolfssladmin
    wolfSSL, as a long standing partner to ARM, has always been well optimized for ARM environments. One of the ways CyaSSL can be optimized for ARM platforms includes assembly optimizations for Public Key operations with the CTaoCrypt fastmath option. This translates to a speed increase when using RSA, Diffie-Hellman, DSA,...
    Read more
  • uncategorized

    More on we`re dumping SSL 3.0 support from wolfSSL

    wolfssladmin
    Weve been encouraged by the feedback from the community on dropping SSL 3.0 support from wolfSSL, meaning that people think we should drop it as insecure and eliminate the legacy which goes back to 1996.  Many thanks to Paul Kocher, Phil Karlton, Alan Freier, and the many shoulders they were...
    Read more
  • uncategorized

    Dumping SSL v3 from wolfSSL

    wolfssladmin
    Hi!  Were considering the elimination of SSL 3.0 support from wolfSSL.  Theres a lot of reasons to do it, including better security, cleaning up our code, and its time to move on and modernize.  Anybody have an opinion?  The code would still be available, but not mainline.
    Read more
  • uncategorized

    Using Truncated HMAC with wolfSSL

    wolfssladmin
    Are you fan of TLS Extensions? We are here today to present the addition of Truncated HMAC on wolfSSL!Currently defined TLS cipher suites use the HMAC to authenticate record-layer communications. In TLS, the entire output of the hash function is used as the MAC tag. However, it may be desirable...
    Read more
  • uncategorized

    SSL Termination and SSL Inspection with wolfSSL SNI

    wolfssladmin
    If youre working with SSL Termination and/or SSL Inspection we have good news for you! wolfSSL now has a new feature in its Server Name Indication API:wolfSSL_SNI_GetFromBuffer()This function is capable of retrieving the server name of a given type indicated by the client from the raw bytes of a ClientHello...
    Read more