Latest Posts

• uncategorized

  Is TLS False Start going to take off?

  TLS requires both end points to have received and processed their peers Change Cipher Spec and Finished messages before starting to transfer their bulk encrypted data. It needs the Finished message to validate its peers identify. To save one round-trip time, an endpoint after having sent its Finished message could...

  Read more
• uncategorized

  CTaoCrypt will be changing to wolfCrypt

  We would like to give our users an early heads up that our cryptography library, CTaoCrypt will soon be changing names to wolfCrypt. With the name change, there may be some changes to the existing crypto API. You’ll also begin to see changes in our documentation and website.If you have...

  Read more
• uncategorized

  wolfSSL adds support for SHA-3 finalist BLAKE

  wolfSSL now supports BLAKE2b hashes at the cryptographic level.  Support for digest sizes from 256bits - 512 bits is included.  BLAKE was one of 5 finalists for the NIST hash competition to pick SHA-3.  BLAKE2 is an improved version that simplifies software implementations and has great speed while consuming little...

  Read more
• uncategorized

  DTLSv1.2 Now Available in wolfSSL

  We have added DTLSv1.2 to wolfSSL. The latest sources are available in our GitHub repository. To enable DTLSv1.2 in wolfSSL, configure the build with the option “–enable-dtls”. We are very excited to offer this new protocol. If you are interested in discussing the cipher suites available for DTLSv1.2, please contact...

  Read more
• uncategorized

  Lucky Thirteen Overview Article

  Here`s another good article on the Lucky Thirteen breach quoting SSL researcher Ivan Ristic:  http://www.computerworlduk.com/news/security/3424689/new-attack-techniques-against-ssl-revealed/

  Read more
• uncategorized

  wolfSSL, provider of CyaSSL Embedded SSL, releases first embedded TLS and DTLS protocol fix for Lucky Thirteen Attack

  Researchers have found a new a new attack vector for TLS 1.1 and 1.2 protocol implementations, which wolfSSL has promptly fixed in its leading embedded TLS product.In the paper “Lucky Thirteen: Breaking the TLS and DTLS Record Protocols” authors Nadhem AlFardan and Kenneth Paterson present a family of attacks that...

  Read more
• uncategorized

  wolfSSL 2.5.0 is Now Available

  Release 2.5.0 of the wolfSSL lightweight SSL/TLS library has been released and is now available for download. This release has bug fixes and new features including:- Fix for TLS CBC padding timing attack identified by Nadhem Alfardan and Kenny Paterson: http://www.isg.rhul.ac.uk/tls/- Microchip PIC32 (MIPS16, MIPS32) support- Microchip MPLAB X example...

  Read more
• uncategorized

  Using wolfSSL in other Open Source Projects

  Hi!  If you are a long time user of wolfSSL, then you probably know that we actively engage the open source community.  Our intention is to create more and better open source software for all to use and enjoy.  What you may not know about is one of our key...

  Read more
• uncategorized

  Camellia Cipher Now Available in wolfSSL

  We have added the Camellia-CBC cipher to CTaoCrypt and wolfSSL. The following cipher suites are available for TLS: • TLS_RSA_WITH_CAMELLIA_128_CBC_SHA • TLS_RSA_WITH_CAMELLIA_256_CBC_SHA • TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256 • TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256 • TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA • TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA • TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 • TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256Camllia-CBC will be available in our next release. The latest sources are available in our GitHub repository....

  Read more
• uncategorized

  Using Pre-Shared Keys (PSK) with wolfSSL

  Ever wondered how to use PSK with the embedded wolfSSL library?  PSK is useful in resource constrained devices where public key operations may not be viable.  Its also helpful in closed networks where a Certificate Authority structure isnt in place.  To enable PSK with wolfSSL you can simply do: $...

  Read more