Month: December 2016

Are you attending CES?

wolfSSL will be attending CES 2017 from Thursday the 5th until Saturday the 7th of January, to visit with customers, prospects and/or those who need a lightweight, portable SSL/TLS solution.

Our Business Directors, Rod Weaver and Rich Kelm will be making the rounds at the show and would welcome the opportunity to discuss your interest in wolfSSL as well as touch on some of the following topics:
 
2016 wolfSSL Roadmap:
wolfMQTT – Secure Firmware Update System
Quantum-Safe wolfSSL
wolfSSL Max Strength Build
wolfCrypt API Reference Now Available
wolfCrypt with FIPS certification
wolfSSL with Memory Optimized Curve22519 and ED22519
Kerberos to Android with wolfCrypt
wolfSSL on Intel Galileo
wolfSSL in MySQL    
wolfSSL with ChaCha20 / Poly1305 AEAD cipher suites

If you would like to set up a specific meeting time, please contact Rod Weaver at rod@wolfssl.com or (206) 310-3098, or contact Rich Kelm at rich@wolfssl.com or (360) 556-9718.

As a Christmas present to our users, customers, and community, wolfSSL is releasing version 3.10.0 of the wolfSSL embedded SSL/TLS library. Version 3.10.0 includes lots of great new features and is now available from our download page.

Features included in version 3.10.0 include:

– Support for SHA-224
– Support for scrypt
– Build for Intel SGX, located in the IDE/WIN-SGX directory
– Fix for ChaCha20-Poly1305 ECDSA certificate type request
– Enhancements for PKCS#7 with support for ECC EnvelopedData
– AES key wrap support
– Support for RIOT OS
– Support for parsing PKCS#12 files
– ECC performance enhancements with custom curves
– ARMv8 expansion to AArch32 and performance increases
– ANSI-X9.63-KDF support
– Port to STM32 F2/F4 CubeMX
– Port to Atmel ATECC508A board
– Removal of fPIE by default when wolfSSL library is compiled
– Updated Python wrapper, dropping DES and adding wc_RSASetRNG
– Support for NXP K82 hardware acceleration
– SCR client and server verify check
– New disable RNG option with autoconf
– Addition of more tests vectors to test.c for AES-CTR
– Updated DTLS session export version number
– Updated DTLS support for 64-bit sequence numbers
– Fix for memory management with TI and WOLFSSL_SMALL_STACK
– Hardening of RSA CRT to be constant time
– Fix for an uninitialized warning with IAR compiler
– Fix for C# wrapper example IO hang on unexpected connection termination

This release of wolfSSL also fixes one low level security vulnerability. The vulnerability reported was a potential cache attack on RSA operations. If using wolfSSL RSA on a server which other users can have access to monitor the cache, then it is recommended to update wolfSSL. Thanks to Andreas Zankl, Johann Heyszl and Georg Sigl at Fraunhofer AISEC for the report.

As always, please contact us at facts@wolfssl.com with any questions, comments, or feedback on the wolfSSL embedded SSL/TLS library. We wish you a Happy Holidays, and look forward to 2017!

wolfSSL now supports ARMv8! Significant gains are seen when using the crypto hardware acceleration. wolfSSL is more than 10 times faster with AES and SHA256 operations on a HiKey (LeMaker version) board when using hardware acceleration vs software!!! If building an IoT project requiring fast, secure crypto/TLS with a small memory footprint size, contact wolfSSL at facts@wolfssl.com.

For information about the board used see http://www.lemaker.org/product-hikey-specification.html