You may have recently read our blog post regarding Exposed Private Keys and how you may create secure private keys for SSL-enabled devices using wolfSSL. If your application or framework needs to be secured with SSL/TLS but you are uncertain about how the optimal design of a secured system would be structured, we can help! […]
Read MoreMore TagMonth: December 2010
Holiday wolfSSL Release 1.8.0
So what made it into the wolfSSL Holiday Release? We think a few items that users will appreciate. Some concern increased portability through the os_settings.h file and the new C Standard Library Abstraction layer. Others lower memory use through configurable input/output buffer sizes and less dynamic memory use. For the readers out there we now […]
Read MoreMore TagwolfSSL Maturity
We saw a post on a mailing list recently that questioned the maturity of wolfSSL. The post came as a surprise. We think wolfSSL is pretty mature by most standards! Here’s our key points on wolfSSL’s maturity: 1. It is on its 29th release.2. It has been vetted out in the open source community for 6 […]
Read MoreMore TagKeep your SSL Private Keys Private
A recent blog about “Breaking SSL on Embedded Devices” has been making the rounds recently. It`s not an attack on SSL, it`s an attack on weak private key security. Specifically, embedding a private key into firmware allows anyone to extract the key and turns an otherwise secure connection into something nothing more secure than TCP. We […]
Read MoreMore TagWhat is the yaSSL community getting for Christmas?
Will it be a new release with awesome new embedded ssl features? What could those features possibly be? Will it be even faster and smaller? More portable? New ciphers? Do you think you know what the yaSSL community is getting for Christmas this year? Send us your guess to info@yassl.com!
Read MoreMore TagAndroid Security Flaws
Here’s a nice article on Android’s security flaws and latent bugs from the CTO of Green Hills Software, Dave Kleidermacher : https://www.embedded.com/electronics-blogs/davek-security-blog/4211444/Angry-Bird-droppings. Looks like there is some work to be done to help properly secure Android!
Read MoreMore TagAdding Alternative Ciphers to the wolfSSL Embedded SSL Library
wolfSSL is modular. We’ve got two key modules: wolfSSL handles all SSL needs while CTaoCrypt handles all cryptographic needs including block ciphers, stream ciphers, message digests, hashing, public key cryptography, certificates, and various helper utilities. Our topic for this post is our crypto module CTaoCrypt. CTaoCrypt is our implementation of cryptography components including various block and stream […]
Read MoreMore TagMore news on the Mobile Internet Tsunami – Plus thoughts on how the Tsunami drives some less visible markets
This article from Embedded Internet Design https://www.eetimes.com/author.asp?section_id=36&doc_id=1265936 gives excellent coverage on the recent and upcoming technologies in the Mobile Internet Tsunami. We’d like to extrapolate from the article and think about some of the less visible, less glamorous segments of the market that will change dramatically due to the innovation and investment brought about by […]
Read MoreMore TagA Comparison of TLS 1.1 and TLS 1.2
As stated in the TLS 1.1 and 1.2 protocol definitions (RFC 4346, RFC 5246), “The primary goal of the TLS protocol is to provide privacy and data integrity between two communicating applications.” TLS 1.2 is an improvement to the TLS 1.1 standard, but how exactly do they differ? What was changed in TLS 1.2 to […]
Read MoreMore TagWhat comes next after smartphones?
As participants in securing the mobile internet tsunami, we’ve been keeping a keen eye on the future security needs of the next generation of devices. We view it from both project involvement and product management for our embedded SSL and embedded web server products. This article https://www.eetimes.com/author.asp?section_id=36&doc_id=1265933 at Embedded Internet Design gives a view of […]
Read MoreMore Tag