Month: September 2014

Implementation of curve25519 is to the point where it is going through a testing cycle. We are looking for interested beta testers and cryptography enthusiasts who wish to test out just how fast it can be. If interested in getting the source code for the curve25519 implementation, contact us at facts@wolfssl.com.

Read MoreMore Tag

Secure Renegotiation will allow for a server to differentiate between an initial connection and a renegotiation, protecting against “man-in-the-middle” attacks during renegotiations. “Secure Socket Layer (SSL) and Transport Layer Security (TLS) renegotiation are vulnerable to an attack in which the attacker forms a TLS connection with the target server, injects content of his choice, and […]

Read MoreMore Tag

Simple Certificate Enrollment Protocol, better known as SCEP, is a way to simplify certificate handling for everyday users. This Public Key Infrastructure communication protocol is designed to enable certificate management and certificate/CRL queries within a closed network. According to the Internet Engineering Task Force, SCEP uses PKCS#7 and PKCS#1 over HTTP and supports CA and […]

Read MoreMore Tag

Preliminary benchmarks on the upcoming curve25519 implementation display why it is listed as being a speed record breaker. On average, a TLS connection using curve25519 with RSA signature, 128 bit AES and SHA is approximately 15 percent faster than when using NIST curves with the same suite. When using the recently released ChaCha20-Poly1305 suite and […]

Read MoreMore Tag

CyaSSL version 3.2.0 has been released and is now available for download from the wolfSSL website.  This release includes bug fixes and several new features which we think will be beneficial to our user and customer base.  Fixes and features include: – ChaCha20 and Poly1305 crypto and suites– Small stack improvements for OCSP, CRL, TLS, […]

Read MoreMore Tag

Retailers worldwide have been scrambling to maintain secure POS(point of sale) systems after the latest security breaches to corporations such as UPS, Target and, most recently, Home Depot. Larger corporations should not be the only ones concerned. According to the RSA Conference blog post, “Understanding PoS Malware Infecting Retailers,” the malware involved is simple to […]

Read MoreMore Tag

Open Source plays an important role in securing the Internet of Things. As more embedded products become available and security updates are required, devices will reach end-of-life, no longer supported by their creators, but will still remain in use. In the case of an open source project, developers within the open source community can contribute […]

Read MoreMore Tag

Recently at the CRYPTO 2014 conference rump sessions several interesting papers were presented. Ron Rivest presented a paper he and Jacob C. N. Schuldt wrote on finding an improved replacement for the RC4 stream cipher they named Spritz. Their goal was to find a drop in replacement for RC4 that wasn’t susceptible to the known […]

Read MoreMore Tag

wolfSSL has released a case study highlighting how Sensity Systems is using the CyaSSL lightweight SSL/TLS library to secure Light Sensory Networks (LSNs).  This case study highlights the key requirements Sensity had for securing their devices, how CyaSSL was used as a solution, and summarizes Sensity’s thoughts on the project. As stated on the Sensity […]

Read MoreMore Tag

IBM`s operating system, AIX (Advanced Interactive eXecutive), is the standard operating system for the RS/6000 series. The RS/6000 series being UNIX servers, workstations, and supercomputers made by IBM. AIX is also currently supported in IBM`s Power Systems. One of the notable features in their 2010 release is that it could support 256 cores /1024 threads […]

Read MoreMore Tag