wolfSSL and Whitewood will be holding a webinar tomorrow, April 20, 2016 to talk about securing the IoT with the wolfSSL embedded SSL/TLS library and Whitewood netRandom.
Title: Building Trust and Keeping Secrets in the IoT
When: April 20, 10:00am PDT
“When devices in the Internet of Things (IoT) handle sensitive data or perform safety critical tasks, it’s essential that they can be trusted. Devices need to be able to store data and communicate confidentially. They need to prove their identity and verify that messages they send and receive have not been tampered with. These critical security capabilities all rely on cryptography – and all cryptography relies on secrets. Whether using encryption, digital IDs or signatures keeping secrets is still only a part of the challenge. Implementing the core crypto algorithms and protocols can be error prone, resource hungry and slow in operation – all of which can impact user confidence and vendor credibility.
During this webinar, experts from Whitewood and wolfSSL will highlight the pitfalls and solutions for crypto enabling your IoT security to build trust, minimize risk and accelerate time to market.”
If you are interested in watching the webinar, you can register at the following link:
wolfSSL has a new C# wrapper, allowing use of the wolfSSL embedded SSL/TLS library in a C# project. This will let users take advantage of the low footprint size of wolfSSL in IoT spaces that use the .NET framework. A Visual Studio project, along with server examples can be found in the directory “/wrapper/CSharp/”.
The wolfSSL C# wrapper is included in versions of wolfSSL beginning with 3.8.0. To download wolfSSL, visit the download page. More information about the wrapper and documentation can be found at the following links:
wolfSSL C# Wrapper
wolfSSL C# Manual
wolfSSL C# API Reference
For more info about using C# with wolfSSL, contact us at email@example.com.
wolfSSL is happy to announce that the wolfSSL embedded SSL/TLS and wolfCrypt cryptography libraries have been ported to the uTasker operating system!
uTasker is an operating system, stack, and collection of services designed for embedded devices. It includes an OS, filesystem, device drivers, and TCP/IP stack among other features. The uTasker package includes a device simulator, allowing developers to test and debug code faster than would be possible on physical hardware itself. Complete details on the uTasker stack can be found on the project website: http://www.utasker.com/.
wolfSSL has added a new preprocessor define to enable the uTasker port layer called WOLFSSL_UTASKER. The port currently includes example client and server uTasker tasks which make use of the wolfSSL I/O abstraction layer to send and receive data over a secure SSL/TLS connection using uTasker RAW sockets. The example tasks have been tested using the uTasker device simulator contained in the “uTasker_M522XX_V1.4-6” distribution.
What this means for projects using uTasker is that network connections can now communicate securely over SSL/TLS, using the progressive and lightweight wolfSSL SSL/TLS library. Applications can also take advantage of the underlying wolfCrypt cryptography library to access crypto operations directly (block ciphers, stream ciphers, AEAD ciphers, hash functions, public key algorithms, and certificate verification routines).
The wolfSSL uTasker example client and server task are located in the ‘wolfssl-examples’ GitHub repository, linked below. Documentation for these examples and on using wolfSSL with uTasker can be found on the wolfSSL website:
Using wolfSSL with uTasker
wolfSSL uTasker Examples
If you are interested in using wolfSSL on a uTasker-based project, feel free to reach out to us at firstname.lastname@example.org with any questions.
The wolfSSL embedded SSL/TLS library has added the option for using ECDHE-PSK cipher suites. This opens up using the small memory size ECC keys with PSK on embedded devices.
PSK (pre shared keys) is a viable option when controlling both ends of the connection. It allows for saving memory and computation time when performing a TLS handshake. Adding ECDHE gives the cipher suite perfect forward secrecy with using an ephemeral ECC key during the TLS handshake. Previously wolfSSL had DHE-PSK cipher suites but using ECDHE-PSK cipher suites will save even more memory, beneficial in resource-constrained, IoT devices.
The ECDHE-PSK cipher suites available to users include:
wolfSSL has laid the groundwork for a portable command line utility. We wanted our community to be aware so you have the opportunity to begin using it with the wolfSSL embedded SSL/TLS library!
wolfCLU currently has the following features:
– Autoconf for portability
– Encrypt a file and store it locally on your computer
– Decrypt that file after it has been encrypted, or send it via email to your friend, if he/she knows the password and algorithm used for encryption, they can then decrypt it on their computer
– Hash a single file (IE a zip archive) for verification
– Benchmark the currently configured Algorithms
On the wolfCLU to-do-list:
– X509 Certificate generation
– X509 Certificate pem-to-der/der-to-pem
– FIPS certified build option
– Integration into wolfSSL distribution
Please head on over and check out the README!