Author: Kajal Sapkota

One of the greatest security issues facing the automotive and aviation worlds is securing connections over CAN bus and its derivative protocols.  The big issue with these protocols is that they do not have a method for authenticating who or what they are communicating with, and don’t encrypt the traffic.  This leaves them open to […]

Read MoreMore Tag

The wolfMQTT library is an implementation of the MQTT Client written in C for embedded use, which supports SSL/TLS via the wolfSSL library. This library was built from the ground up to be multi-platform, space conscious and extensible. And most importantly it integrates with wolfSSL to provide TLS support, for a secure solution out of […]

Read MoreMore Tag

The pq-wolfssl development team have done an excellent  experimental post-quantum integration.  We applaud their efforts and wanted to summarize and share some fascinating things that they published in their paper.  First we will discuss their scenario and then their conclusions. The team’s objective was to study the possibility of a two-step migration strategy for post-quantum signature […]

Read MoreMore Tag

A little while ago we announced support for post-quantum KEM groups and then hybrid groups. We are now proud to announce support for the PQC NIST round 3 finalist signature scheme FALCON. With this announcement, customers can now experiment with fully quantum-safe TLS 1.3 handshakes. From a high level perspective, for every TLS 1.3 connection, […]

Read MoreMore Tag

The main difference is DTLS uses UDP and TLS uses TCP. DTLS stands for Datagram Transport Layer Security and is a communications protocol designed to protect data privacy and prevent eavesdropping/tampering. It is based on TLS protocol and used across web browsing, mail, and instant messaging. Using the DTLS library of wolfSSL, sensor data is […]

Read MoreMore Tag

The wolfSSL ecosystem consists of several software modules and components, each with specific goals and purposes. We make sure all our software products are engineered using the quality standards required by our process. Each step in the software lifetime is regulated by strict rules and testing criteria (including stringent fuzz based testing) that ensure the […]

Read MoreMore Tag

The wolfSSL ecosystem consists of several software modules and components, each with specific goals and purposes. We make sure all our software products are engineered using the quality standards required by our process. Each step in the software lifetime is regulated by strict rules and testing criteria (including stringent fuzz based testing) that ensure the […]

Read MoreMore Tag

wolfSSL embedded SSL/TLS support the latest Microchip ATECC508 and ATECC608 I2C cryptographic coprocessors. Prerequisites: Requires the Microchip CryptoAuthLib (https://github.com/MicrochipTech/cryptoauthlib.git) Examples: wolfSSL uses PK (Public Key) callbacks for the TLS crypto operations wolfCrypt uses the WOLFSSL_ATECC508A or WOLFSSL_ATECC608A macros to enable native `wc_ecc_*` API support The README.md and reference PK callbacks can be found here: https://github.com/wolfSSL/wolfssl/tree/master/wolfcrypt/src/port/atmel […]

Read MoreMore Tag

The wolfSSL library is now safe against the “Harvest Now, Decrypt Later” post-quantum threat model with the addition of our new TLS 1.3 post-quantum groups. But where does that leave wolfSSH? It is still only using RSA and elliptic curve key exchange algorithms which are vulnerable to the threat model mentioned above. If you have […]

Read MoreMore Tag

It came to our attention that OpenSSL just published two new vulnerabilities. CVE-2021-3711 – “SM2 decryption buffer overflow” (nakedsecurity) CVE-202103712 – “Read buffer overruns processing ASN.1 strings.” (nakedsecurity) These were specific OpenSSL issues and do not affect wolfSSL. For a list of CVEs that apply to wolfSSL please watch the security page on our website […]

Read MoreMore Tag