2013 was an interesting year in the world of cryptography and computer security. We have seen and mitigated against attacks such as Lucky13 and watched with interest as existing technologies such as Dual_EC_DRBG have become widely regarded as insecure. wolfSSL has been happy to provide our users with timely fixes, suggestions, and new technologies to react to the changing application and communication security landscape.
wolfSSL has made significant progress in 2013 as a business and through technical advancements. As one of the key goals of wolfSSL is to be open source and transparent, highlights of our business, technical, and partner progress throughout the past year are outlined below.
Business and Company Progress
1. Successfully participated in the following events: CES 2013, RSA USA 2013, DESIGN West 2013, Interop 2013, Black Hat 2013, Microchip Masters, and ARM TechCon 2013 – giving a technical presentation on securing embedded devices at the later.
2. Completed a company name change from yaSSL to wolfSSL, better reflecting our company and culture. To us the wolf represents us well as it is a creature that communicates effectively, works well in groups, and shares with the pack.
3. Added more developers to the team, allowing us to help secure more projects, add new features, and work with partners and open source community members with higher efficiency.
4. Increased activity in onsite consulting to help customers design and validate their security architectures.
5. Experienced a dramatic increase in design wins for wolfCrypt.
6. Doubled our customer base.
7. Continued to support the open source community.
8. Added several new resale, technology, and co-marketing partnerships.
9. Launched our Kickstart consulting service package, making it easier for customers to seamlessly get CyaSSL up and running in their environment.
10. Began the FIPS validation process with CTaoCrypt / wolfCrypt
CyaSSL Technical Progress
A total of four CyaSSL releases were delivered in 2013, each with bug fixes, enhancements, and new feature additions. Highlights of these releases included:
1. A timely fix for the Lucky13 attack
2. SHA-3 finalist BLAKE2b support (a fast and low resource use hash algorithm)
3. AES-CCM-8 crypto and cipher suites
4. Ability for AES-GCM and AES-CCM to leverage Intel AES-NI
5. Camellia crypto and cipher suites
6. DTLS 1.2 support, including AEAD ciphers
7. DTLS reliability enhancements, IPv6 fixes
8. SHA-384 cipher suites
9. Persistent session and CA cache functionality
10. User atomic record layer processing callbacks
11. Public key callbacks for ECC and RSA
12. HMAC now supports SHA-512
13. New supported TLS Extensions including SNI, SEP, Maximum Fragment Length, Truncated HMAC
14. Ability to unload certs/keys for lower memory use
15. The separation of wolfCrypt from CyaSSL, giving users the ability to use wolfCrypt as a standalone cryptography engine
16. Enhanced examples, including the ability to track memory usage and better IPv6 support
17. Updated CTaoCrypt benchmark app for easier use on embedded systems
18. Updated XCode project files
19. More flexible ./configure options for enabling and disabling features
20. Bug fixes and enhancements in SSL sniffer functionality
21. Enhanced OCSP support with bug fixes and the addition of callbacks
22. Addition of the LeanPSK build option for a small 20kB build
23. Updated and expanded API documentation
24. Release of wolfSSL JNI 1.0, giving Java users a pre-built JNI wrapper around the CyaSSL lightweight SSL library
CyaSSL Porting Progress
1. Release of the CyaSSL Porting Guide
2. Support for Microchip PIC32MX and PIC32MZ and the new MPLAB Harmony development environment
3. Support for version 6 of Microchip’s TCP/IP stack
4. Cavium NITROX support
5. HP/UX support
6. STM32F2 support with hardware crypto and RNG
7. KEIL MDK-ARM and MDK5 project files complete with new CyaSSL software pack for MDK5
8. Better ThreadX support and the addition of NetX I/O callback handlers
9. Freescale Kinetis RNGB support
10. Freescale Kinetis mmCAU support
11. One of our favorite projects, Gearman, now supports CyaSSL
In summary, we had a great year! 2013 was successful for us on multiple fronts, and we look forward to serving our customers and community with ever more secure and functional software in 2014! As always, your feedback is welcome at firstname.lastname@example.org!