Author: wolfSSL

“wolfSSL enables Freescale`s hardware encryption for embedded tls, embedded cryptography, and the IoT” wolfSSL Inc, the most popular embedded SSL, cryptography, and FIPS 140-2 provider for the IoT, has partnered with Freescale to deliver high performance, hardware enabled cryptography for Freescale`s MQX RTOS on the Kinetis platform. The hardware cryptography is enabled through wolfSSL`s well […]

Read MoreMore Tag

The new release of the wolfSSL embedded SSL library has bug fixes and new features including: – Max Strength build that only allows TLSv1.2, AEAD ciphers, and PFS (Perfect   Forward Secrecy).  With –enable-maxstrength.– Server side session ticket support, the example server and echoserver use the   example callback myTicketEncCb(), see wolfSSL_CTX_set_TicketEncCb().– FIPS version submitted for iOS.– […]

Read MoreMore Tag

Have you heard about the recent ChaCha20-Poly1305 AEAD and are wondering about how secure it is? It`s comprised of two ciphers, ChaCha20 and Poly1305, that are designed to be constant time, making it naturally resistant to timing attacks. The AEAD is being used by many notable companies that also trust it for their security – […]

Read MoreMore Tag

OpenSSL released a security advisory on June 11th 2015: https://www.openssl.org/news/secadv_20150611.txt.  Some wolfSSL embedded TLS users are probably wondering if similar security fixes are needed in wolfSSL.  The answer to that is no.  Specifically, CVE-2015-1788 – 1792 and CVE-2014-8176 are OpenSSL implementation bugs.  Since wolfSSL and CyaSSL embedded SSL libraries have a completely different code base […]

Read MoreMore Tag

To support our customers pursuing FIPS 140-2 validations or Common Criteria evaluations, wolfSSL is adding FIPS 186-4 KeyGen to our next FIPS 140-2 validation.  We are scheduled to complete CAVP algorithm testing in June and testing with our FIPS Laboratory in July. Please contact wolfSSL at fips@wolfssl.com if you need a tested implementation of FIPS […]

Read MoreMore Tag

Version 1.2.0 of wolfSSL JNI is now available for download. wolfSSL JNI provides Java applications with a convenient Java API to the widely-used wolfSSL embedded SSL/TLS library, including support for TLS 1.2 and DTLS 1.2. This release contains bug fixes and features including: – Updated support for wolfSSL 3.4.6 and CyaSSL to wolfSSL name change […]

Read MoreMore Tag

Effective immediately, FIPS Testing Laboratories must verify that cryptographic modules implement the health testing described in SP 800-90A (Section 11.3). The wolfCrypt FIPS 140-2 Cryptographic Module (currently in “Coordination” at the CMVP) implements the health testing for the SP 800-90A Hash_DRBG.   Cryptographic modules that do not include health testing will be placed on “HOLD” […]

Read MoreMore Tag

The Logjam Attack exploits legacy SSL cipher suites from the 1990s that use DH and DHE export keys.  By definition a server in export mode has to use a low bit strength DH key (512 bits or less), which can now be cracked swiftly.  Even if a client supports export cipher suites but doesn’t broadcast […]

Read MoreMore Tag

“wolfSSL uses Intel`s extended instructions to accelerate crypto algorithms for IoT. wolfSSL, an open source SSL/TLS security company has optimized the wolfSSL Transport Layer Security (TLS) library on 5th generation Intel® Core™ processors. With the inclusion of Intel’s extended instructions developers can use the wolfSSL libraries for applications on many devices, including embedded technologies. The […]

Read MoreMore Tag

Hi! A few years ago we collaborated with the MIT Kerberos team to port Kerberos to Android with wolfCrypt as the crypto engine. We have recently worked to get our wolfCrypt product FIPS 140-2 certified, and as such, can make a FIPS 140-2 version of Kerberos available to the market on Android and other platforms. […]

Read MoreMore Tag