Attack on RSA CRT:A recent paper written by Florian Weimer of the Red Hat Product Security group shows a fault attack on RSA. Many cryptographic libraries that perform RSA operations use an optimization called CRT (Chinese Remainder Theorem). The attack is based off of creating a fault during the CRT process, for example; by causing […]
Read MoreMore TagAuthor: wolfSSL
wolfSSL Inc. completed FIPS 140-2 revalidation testing to add the Windows 7 operating environment to the wolfCrypt FIPS cryptographic module
FIPS 140-2 revalidation testing requires the implemented algorithms to successfully complete the cryptographic algorithm validation process on the target operating environment (algorithm certificates for tested operating environments are here: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program). The cryptographic module must also successfully complete operational testing on the operating environment with a FIPS testing laboratory. The wolfCrypt FIPS 140-2 certificate #2425 will soon include all […]
Read MoreMore TagwolfSSL in Lighttpd
Lighttpd (pronounced lighty) is a web server that has a small footprint size in comparison to other web servers. Setting up Lighttpd allows for handling HTTP requests and with the addition of TLS/SSL also handling HTTPS requests. The benefit of having a small footprint size is that it takes up less memory for total installation […]
Read MoreMore TagNSA Begins Transition to Recommending Quantum Resistant Algorithms
Strong cryptographic algorithms and secure protocol implementations are a vital foundation to securing the Internet of today and tomorrow. Securing over a billion active connections on the Internet today, wolfSSL knows this very well. A recent announcement by the National Security Agency conveyed their plans to transition from recommending the Suite B set of algorithms […]
Read MoreMore TagwolfSSL 3.6.6 is Now Available
Version 3.6.6 of the wolfSSL embedded SSL/TLS library has been released and is now available for download. Release 3.6.6 of wolfSSL has bug fixes and new features including: – OpenSSH, stunnel, and lighttpd Compatibility OpenSSH compatibility with “–enable-openssh” stunnel compatibility with “–enable-stunnel” lighttpd web server compatibility with “–enable-lighttpd” – SSL 3.0 is now disabled by […]
Read MoreMore TagwolfCrypt Receives FIPS 140-2 Certificate #2425
The Cryptographic Module Validation Program (CMVP) has issued FIPS 140-2 Certificate #2425 (most up-to-date certificate: #3389) for the wolfCrypt Module developed by wolfSSL Inc. The CMVP was established by the National Institute of Standards and Technology (NIST) to validate FIPS 140-2 cryptographic modules and oversee the independent laboratories performing the cryptographic module testing. FIPS 140-2 […]
Read MoreMore TagUsing a Custom Logging Function with wolfSSL
If you are working on integrating wolfSSL into an application that already has existing logging functionality, but still want access wolfSSL`s built-in debug messaging, you can register a custom logging callback with wolfSSL to output wolfSSL`s detailed debug messaging. To enable this functionality, add the configure option “–enable-debug” to wolfSSL. Then, in your application simply: […]
Read MoreMore TagSpeed Up Development: Code Composer Studio with TI-RTOS and wolfSSL
Thanks to the continued efforts of the Texas Instruments Team there is now a Wiki Page for using the wolfSSL embedded SSL/TLS library with TI-RTOS.Using wolfSSL with TI-RTOS (PDF) Members of the wolfSSL team have worked through this wiki and created a step-by-step guide for customers unfamiliar with Code Composer Studio (CCS), SSL/TLS, or TI-RTOS. […]
Read MoreMore TagFixed Point ECC with wolfSSL Embedded SSL/TLS
On applications using ECC with wolfSSL where total memory footprint is a secondary factor to performance, consider enabling fixed point ECC with wolfSSL. This configure option generates a large lookup table for use with ECC that can increase performance time by as much as 5 times. This comes at the cost of runtime memory, but […]
Read MoreMore TagwolfSSL Not Vulnerable to Pandora’s Box Attack
Researchers Clemens Hlauschek, Markus Gruber, Florian Fankhauser, and Christian Schanes of Germany`s Research Industrial Systems Engineering are presenting a TLS Man in the Middle attack at this week’s USENIX conference in Washington D.C: https://www.usenix.org/system/files/conference/woot15/woot15-paper-hlauschek.pdf . This is a protocol level attack that has a few requirements; a static (EC)DH cipher suite, client authentication with a […]
Read MoreMore Tag