Month: November 2017

A recent paper titled “Exploiting Dissent: Towards Fuzzing-based Differential Black-Box Testing of TLS Implementations” was published by Axel Sikora and Andreas Walz. wolfSSL found the paper both well composed and informative. We would like to congratulate Andreas and Axel on a well composed piece of literature and we would highly recommend reading it if you have the time!

This paper details a new differential testing method for fuzz testing and we will follow their research closely in the coming year. We hope to see more from Axel and Andreas soon. Until then, CHEERS and keep up the great work!

https://ivesk.hs-offenburg.de/fileadmin/Einrichtungen/ivesk/files/preprint_TLS-Diff-Fuzzing_IEEE-TDSC.pdf

If you have any questions, comments, or feedback please contact us anytime at support@wolfssl.com or facts@wolfssl.com

wolfSSL has a goal: “wolfSSL will provide the best security in the world for all to benefit”! We are very passionate about keeping our users safe and secure in an increasingly connected online world. To that end the wolfSSL product is the most thoroughly tested cryptography and TLS solution on the market today. wolfSSL appreciates and admires those who take the time and effort to implement tools that assist in making our goal a reality!

We recently were made aware of a tool being actively developed called “TLS-Attacker”. TLS-Attacker accomplishes “Systematic Fuzzing and Testing of TLS Libraries”.  This tool was developed by the Ruhr University Bochum and the Hackmanit GmbH . wolfSSL is evaluating this tool for integration with our Jenkins/Hudson continuous integration server and we wanted to give a “SHOUT OUT” to all the developers who worked on this or other similar fuzzing tools! Tools like this help to ensure secure SSL/TLS implementations and we look forward to working with TLS-Attacker. We want to say, “THANK YOU” to the Ruhr University Bochum staff and Hackmanit staff for their efforts!

For any questions, concerns or comments please contact us anytime at support@wolfssl.com or facts@wolfssl.com!