Latest Posts

  • uncategorized

    MIT Kerberos GSS-API with wolfSSL Now Available for Android

    wolfssladmin
    Support for the MIT GSS-API library is now available for the Android platform - complete with an org.ietf.jgss (RFC 5653) compatible application programming interface, wolfSSL cryptography integration, and NDK sample application.You may have read our previous blog entry announcing the initial phases of our effort to port the MIT Kerberos...
    Read more
  • uncategorized

    Security on Freescale Kinetis MQX with wolfSSL

    wolfssladmin
    Hello Kinetis users!  Our team has now ported and released wolfSSL lightweight SSL for Freescale Kinetis.  The newest work is for MQX/RTCS/MFS on Kinetis tower systems.  Check our Github repository for the most recent source code:https://github.com/cyassl/cyasslIf you are a Kinetis user, you will also be pleased to know that we...
    Read more
  • uncategorized

    yaSSL Embedded Web Server SafeRTOS Port

    wolfssladmin
    Have you been searching for a web server that runs on SafeRTOS? We recently ported the yaSSL Embedded Web Server and wolfSSL embedded SSL library to the SafeRTOS operating system. This means that you can easily serve up HTTPS content from your SafeRTOS-enabled project. The yaSSL Embedded Web Server offers...
    Read more
  • uncategorized

    Good article on potential SHA-3 (aka Keccak) use in embedded systems

    wolfssladmin
    Heres a good article if youre wondering how SHA-3 will be used:  http://community.embeddedswstore.com/t5/Embedded-Connection/Why-Does-Embedded-Security-Get-Overlooked/ba-p/286From the article:“What then will SHA-3 be good for? While Polk says it may take years to identify all the possibilities for Keccak, it immediately provides an essential insurance policy in case SHA-2 is ever broken. He also...
    Read more
  • uncategorized

    Some Android apps found to have serious SSL vulnerabilities

    wolfssladmin
    Researchers from two German universities have found that a large number of Android applications available today in the Google Play store have vulnerabilities related to SSL usage which may open the door for malicious man-in-the-middle attacks. You can find several blog posts explaining the vulnerabilities including one from Network World...
    Read more
  • uncategorized

    NIST selects Keccak for SHA-3

    wolfssladmin
    On October 12, NIST announced Keccak as the winner of its Secure Hash Algorithm (SHA-3) competition.Keccak is designed to permute the data in a different manner than MD5, SHA-1, and SHA-2, making it immune to many of the attacks on those hashes. It promises roughly 13 cycles per byte to...
    Read more
  • uncategorized

    New wolfSSL Layer Available for Yocto and OpenEmbedded

    wolfssladmin
    Do you currently use the Yocto Project or OpenEmbedded? We would like to announce the availability of the “meta-yassl” layer for both Yocto and OpenEmbedded. This layer adds support for the lightweight wolfSSL embedded SSL library to these projects and can be easily added to your existing Yocto or OpenEmbedded...
    Read more
  • uncategorized

    More Flexible Example Applications

    wolfssladmin
    You may have noticed that with our most recent release of the wolfSSL embedded SSL library (2.3.0), we have made our example client and server applications more flexible and easier to use. These updated applications - client (./examples/client/client) and server (./examples/server/server) - now offer a variety of command line options...
    Read more
  • uncategorized

    The CRIME attack and wolfSSL embedded SSL

    wolfssladmin
    The CRIME attack has been in the news recently, and some of our users have been asking about it.  The short version of responding to the attack is simple:  disable TLS compression.  In wolfSSL, compression is disabled by default.  The Tor project has posted an excellent explanation of the attack...
    Read more