Avoid BEAST attack when using CyaSSL lightweight SSL implementation

Hi!  To our users concerned about the following security advisory:  http://www.securelist.com/en/advisories/50605 (as of 26 March 2018 at 9:28am MDT, this link no longer works and has no alternative), it is a vulnerability related specifically to SSL 3.0 and TLS 1.0.  When using CyaSSL, you can avoid this vulnerability using one of several methods, including:

  1. 1. Using a higher level of the SSL/TLS protocol – either TLS 1.1 or TLS 1.2

  2. 2. Using TLS 1.0 or SSL 3.0 with a stream cipher. CyaSSL supports several, including RC4, HC-128, and RABBIT.

3.  If you must use SSL 3.0 or TLS 1.0 with a block cipher, split the first SSL write at the application level into fragments (as modern browsers do).

If you have further concerns or questions, please contact us at info@yassl.com.