Author: wolfSSL

We are pleased to announce that wolfCrypt now has support for SRP6a (Secure Remote Password Protocol version 6a). SRP is a password authentication and key-exchange protocol suitable for authenticating users and exchanging keys over an untrusted network designed by Thomas Wu at the Computer Science Department of Stanford University. The SRP implementation can be enabled […]

Read MoreMore Tag

On Thursday, June 11th, Facebook open-sourced a new software development tool called Infer–a next generation static analyzer. Static analysis is the process of using a tool to scan for bugs in source code without actually running a program. Infer has the ability to detect null pointer access errors, as well as resource and memory leaks. […]

Read MoreMore Tag

As stated in the TLS 1.1 and 1.2 protocol definitions (RFC 4346, RFC 5246), “The primary goal of the TLS protocol is to provide privacy and data integrity between two communicating applications.” TLS 1.2 is an improvement to the TLS 1.1 standard, but how exactly do they differ? What was changed in TLS 1.2 to […]

Read MoreMore Tag

wolfSSL, in partnership with Security Innovation, has added support for the proposed “Quantum-safe hybrid” ciphersuite. Having this cipher suite supported in the wolfSSL embedded TLS library allows two parties to use any existing ciphersuite and “quantum-safe” any traffic protected by that ciphersuite. This means that an attacker who records the traffic and later develops a quantum computer […]

Read MoreMore Tag

wolfSSL (formerly CyaSSL) recently added a build option called “Max Strength”. This build option forces most cipher suites to be disabled at compile time to prevent their accidental use during run time. Options such as MD5, 3DES, and ARC4 are left out of the build completely. The cipher suites that are enabled by default have […]

Read MoreMore Tag

OpenSSL released a security advisory on July 9th 2015: https://www.openssl.org/news/secadv_20150709.txt .  Some wolfSSL embedded TLS users are probably wondering if similar security fixes are required in wolfSSL.  The answer to that is no.  Specifically, Alternative chains certificate forgery (CVE-2015-1793) is an OpenSSL implementation bug.  Faulty logic allowed untrusted certificates to appear as trusted.  Since wolfSSL, CyaSSL, and yaSSL […]

Read MoreMore Tag

Hi!  As many of our users know, we use Zendesk to track our support tickets.  Zendesk includes some sweet tools that we enjoy, including an automated user satisfaction tool.  The tool surveys users after they have submitted a support case to us.  Upon review of our support statistics for the first half of this year, […]

Read MoreMore Tag

For those who want to use wolfCrypt separately to do cryptography operations, we are happy to announce that the first version of the wolfCrypt API documentation is now available. The wolfCrypt API Reference is available to browse online and also available for download in PDF format. Link: wolfCrypt API Reference wolfCrypt has a broad range […]

Read MoreMore Tag

If working on a memory constrained device we now have memory optimized Ed25519 and Curve25519 options. This can be enabled with using the configure setting “./configure –enable-ed25519=small –enable-curve25519=small –enable-sha512”. The new feature allows for a trade off in memory usage versus speed. All of the operations in the memory optimized build, except for SHA-512, use […]

Read MoreMore Tag

Larry Stefonic, our CEO, was recently interviewed by TechnologyAdvice on the future of wearables: an important space for embedded SSL/TLS and cryptography. With the advent of the Internet of Things we are increasingly using connected devices throughout our day.  Unsecured, these devices leave us vulnerable in ways not even imaginable 20 years ago.  Larry talks […]

Read MoreMore Tag