RECENT BLOG NEWS

The U.S. Government Accountability Office (GAO) has pushed for further guidelines and regulations to ensure security in Avionics Systems. The report indicates potential cyber risks such as data spoofing, outdated systems, long update cycles, and software vulnerabilities. Researches have also highlighted the vulnerabilities to in-flight connectivity systems including the usage of cheap equipment to eavesdrop on satellite signals that may expose in-flight passenger data. wolfSSL is the leader in Cybersecurity for Avionics Systems and can be applied to mitigate risks and vulnerabilities that come with these breaches. See how wolfSSL can be used in your Avionics applications today!

Aviation today article can be found here.

Contact Us

Please contact us at facts@wolfssl.com with any questions about the webinar. For technical support, please contact support@wolfssl.com or view our FAQ page.

The sensor network sub-specification of MQTT does not designate a method for securing the communication between the clients and the gateway. We here at wolfSSL think that is unacceptable! Using the DTLS library of wolfSSL, we would like to protect the sensor data all the way from the client to the gateway, and then from the gateway on to the broker using standard TLS (also from wolfSSL).

Who else is interested in a completely secure, all-in-one solution for MQTT-SN? Please let us know by sending a note to facts@wolfssl.com

You can download the latest release here: https://www.wolfssl.com/download/
Or clone directly from our GitHub repository: https://github.com/wolfSSL/wolfMQTT
While you’re there, show us some love and give the wolfMQTT project a Star!

wolfSSL and Microchip are excited to announce our partner webinar: Using WolfSSL and Pre-Configured TrustFLEX ATECC608 Secure Element for TLS Networks co-presented by wolfSSL engineer David Garske and Microchip’s Xavier Bignalet.

Webinar Information 

Date: Wednesday, October 21, 2020

Time: 8:00–8:30 a.m. PDT

Register Here: https://events.microchip.com/shieldsupsession24

Learn how to implement mutual authentication using X509 certificates with the WolfSSL TLS stack and the TrustFLEX ATECC608 secure element from Microchip’s Trust Platform. We will discuss TLS concepts in the first half of the webinar, and then an expert from WolfSSL will give a hands-on demonstration featuring a SAM D21 Arm® Cortex®-M0+ based microcontroller and a WINC1500 Wi-Fi® module to show how easy it is to get started with mutual authentication.

Learn more at: https://www.microchip.com/training/webinars/security/shields-up-webinar-series

About Microchip

Microchip Technology Incorporated is a leading provider of smart, connected and secure embedded control solutions. Its easy-to-use development tools and comprehensive product portfolio enable customers to create optimal designs, which reduce risk while lowering total system cost and time to market. The company’s solutions serve more than 120,000 customers across the industrial, automotive, consumer, aerospace and defense, communications and computing markets. Headquartered in Chandler, Arizona, Microchip offers outstanding technical support along with dependable delivery and quality.

Are you new to wolfSSL?

wolfSSL focuses on providing lightweight and embedded security solutions with an emphasis on speed, size, portability, features, and standards compliance, such as FIPS 140-2 and 140-3, RTCA DO-178C level A certification, and support for MISRA-C capabilities. wolfSSL supports industry standards up to the current TLS 1.3 and DTLS 1.2, is up to 20 times smaller than OpenSSL, offers a simple API, an OpenSSL compatibility layer, is backed by the robust wolfCrypt cryptography library, and much more. Our products are open source, giving customers the freedom to look under the hood.

If you have any questions about the webinar, please email us at facts@wolfssl.com.

Hope to see you there! 

Contact Us 

Please contact us at facts@wolfssl.com with any questions about the webinar. For technical support, please contact support@wolfssl.com or view our FAQ page. 

Additional Resources 

In the meanwhile, check out the wolfSSL embedded SSL/TLS library, star us on Github, and learn more about the latest TLS 1.3 is available in wolfSSL. 

Get pumped for our partner webinar with DDC-I! Introducing “Out-of-the-Box Security for Avionics Systems” co-presented by wolfSSL Engineer, Tesfa Mael and Technical Marketing Manager at DDC-I, Gary Gilliland.  

Modern avionics systems often need to ensure that they are not only safe per DO-178C processes but also that cyber security is addressed. This presentation will outline the architectural elements needed to create such systems and present off-the-shelf products that system developers can readily leverage.

To create a secure product, the system threats must be determined based on how the system is exposed. Once that is determined, requirements can be defined to mitigate those threats. The results of this analysis at a minimum will typically require that the system is required to boot securely. Secure boot basically means that you can guarantee that the software installed on the system has not been tampered with. Also, a secure boot environment implies that any future updates to the software can be installed in a trusted manner.

Once the system is securely booted the RTOS needs to provide a safe and secure foundation for running applications at different design assurance levels and keeping the data separated.

This webinar will explain how the Deos RTOS is a key foundational element for safe and secure system design and how the integration of Deos and wolfCrypt is a very attractive solution for avionics developers who require a secure, out-of-the-box, safety-critical solution that comes complete with DAL A evidence.

Registration Information  

When: Oct 15, 2020 10:00 AM Pacific Time (US and Canada) 

Topic: Webinar: Out-of-the-Box Security for Avionics Systems

Register in advance for this webinar:

https://us02web.zoom.us/webinar/register/WN_Bdkq01nkRJu87zNETsRGVQ

After registering, you will receive a confirmation email containing information about joining the webinar.

Can’t wait to see you there!

Contact Us 

Please contact us at facts@wolfssl.com with any questions about the webinar. For technical support, please contact support@wolfssl.com or view our FAQ page. As always, there will be a Q&A session following the live presentation. 

Additional Resources 

In the meanwhile, check out the wolfSSL embedded SSL/TLS library, star us on Github, and learn more about the latest TLS 1.3 is available in wolfSSL. 

Dear Internet,

Would you love to have cURL integrated into your TPM/HSM for enhanced security? Tell us what makes sense! Let us know at facts@wolfSSL.com!

Your’s truly,
wolfSSL

Are you a college or university student interested in application, device, and Internet security?  Do you want to learn more about cryptography, SSL/TLS, SSH, MQTT, TPM, secure boot, and other protocols used to secure connected applications and devices?  If so, continue reading to learn about the wolfSSL Summer of Security internship program!

wolfSSL is the leading global producer of Open Source Internet security products, securing over 2 Billion active connections on the Internet today. The wolfSSL “Summer of Security” program is an internship which spans the Summer months and brings qualified students on-board to learn about how security software is written, tested, and used around the world.

Interns who participate in this program gain valuable knowledge in the embedded SSL/TLS and security industry as well as C programming experience on Linux and embedded systems.  Throughout the summer, interns play a role in improving wolfSSL products – working on testing, documentation, examples, porting, marketing, and interacting with our community.

This program is a great opportunity to be part of the Open Source community, learn how real-world software is created and maintained, gain work experience in the field of Computer Science, and work towards a potential career with the wolfSSL team.

Requirements

Ideal candidates are students who have experience in C programming.  Prior experience with embedded systems, network programming, Linux/Unix, and familiarity with git/GitHub are a plus.

Apply Today!

If you are interested in learning more about the wolfSSL Summer of Security internship program, please send the following items to internships@wolfssl.com:

1. Resume with Cover Letter
2. C Programming Sample
   • A C application which best demonstrates your C programming ability.  There are no requirements on the category or length of the application.
3. Technical Writing Sample
   • A writing sample which best demonstrates your writing ability.  There is no requirement of topic or length of this sample.

Learn More

wolfSSL Homepage
wolfSSL Products Page
wolfSSL User Manual
TLS 1.3 Support!
wolfSSL Examples Repository (GitHub)

wolfSSL will be attending the Virtual MSU Career Fair next week! wolfSSL regularly attends Career Fairs at Montana State University in Bozeman, MT. This year, the MSU Career Fair will be in a virtual format, hosted on the Handshake platform.

wolfSSL will be participating in the career fair on both Wednesday (10/7/2020) and Thursday (10/8/2020). We will be hosting several 30-minute sessions on the Handshake platform which will introduce wolfSSL, our products, and our open internship positions for summer 2021! Each session can hold a maximum of 50 attendees. Current session blocks are scheduled for:

Day 1 – Wednesday (10/7/2020)
– 10:00 – 10:30am MDT
– 11:00 – 11:30am MDT
– 12:00 – 12:30am MDT

Day 2 – Thursday (10/8/2020)
– 3:00 – 3:30pm MDT
– 4:00 – 4:30pm MDT
– 5:30 – 6:00pm MDT

There will also be several 10-minute 1:1 time slots available for students who would like to talk directly with a wolfSSL representative. For more information, visit the MSU Career Fair events on Handshake:

Montana State University Fall Career Fair 2020 – Virtual Fair Day 1
Montana State University Fall Career Fair 2020 – Virtual Fair Day 2

For more information, contact facts@wolfssl.com, or download wolfSSL products from our download page to try them out. We look forward to meeting you!

.NET Core is a .NET implementation that is preferred in situations where cross platform portability is important. Including use in containers and running on environments such as macOS and Linux. wolfSSL has a C# wrapper written for the .NET framework that is fully capable of performing TLS/DTLS connections while using the optimized C code with hardware acceleration. Easy to use examples for a quick start are also bundled with the wolfSSL C# wrapper which can be seen in the directory wolfssl-4.5.0/wrapper/CSharp/ after downloading wolfSSL.

Using Microsoft’s “.NET portability tester” tool to evaluate wolfSSL’s C# implementation resulted in a rating of 95.6% compatible for transitioning over to .NET Core. Showing that the implementation is close, as is, to being able to be used with .NET Core. If using the progressive wolfSSL C# wrapper with .NET Core is something you are interested in, contact us at facts@wolfssl.com for more information.

There are a few significant changes coming with FIPS 140-3. Over the years with many specification updates, a few things got a little inconsistent, so these inconsistencies have been brought back in line. wolfSSL is prepared to deliver the first and best implementation of FIPS 140-3, so get ready:

• The power-on self-test is changing. It now takes two sets of tests: the Pre-operational Self-Test (POST) and the Conditional Algorithm Self-Test (CAST).
• The old Known Answer Tests used as a part of the old test are not required to run at startup. They are now conditional tests that must be run right before use of an algorithm. If you don’t use an algorithm, you don’t need to test it. The tests will run automatically on calling any API for an algorithm.
• The pre-operational self-test is now purely an integrity test of the executable in memory. The algorithms used for this test must be tested first. In our case, HMAC-SHA-256’s CAST is run automatically, then the POST. The POST will be run automatically as wolfCrypt’s default entry point in the code.
• All the tests may be and should be run periodically during run time. We will provide an API to run tests as desired. In an embedded application, you can run your CAST early before any algorithms are used as some CASTs do take time.

wolfSSL has a long history in FIPS 140-2, starting with wolfCrypt FIPS 140-2 Level 1 Certificate #2425 and surviving Certificate #3389. wolfSSL is helping customers move from Certificate #2425 as NIST is sending it into sunset next year. For those who will be impacted, contact us to get your new cert!

wolfSSL is currently the leader in embedded FIPS certificates. Stay tuned as we support you with the best in FIPS 140-3. Be sure to join us for an upcoming webinar on this topic, details forthcoming! 

Additional Resources 

For more information on FIPS or to write to us about your FIPS requirements, please send a note to facts@wolfSSL.com. 

Check out the wolfSSL embedded SSL/TLS library, star us on Github, and learn more about the latest TLS 1.3 is available in wolfSSL. 

NXP® Semiconductors N.V. is one of the wolfSSL partner network members. wolfSSL ships with support for offloading cryptographic operations onto several NXP devices (such as the Coldfire and Kinetis) that include hardware cryptography modules. Examples of these operations include utilizing the Crypto Acceleration Unit (CAU), Memory-Mapped Crypto Acceleration Unit (mmCAU), LP Trusted Crypto (LTC), and more.

Using these hardware cryptography modules leads to increased performance when compared to performing hardware cryptography within software only. These speedups increase algorithm performance greatly, and can range from 1.2 times as fast to 14.5 times as fast! In an embedded and connected world, these speedups can make all the difference for an online device or network application. Additionally, these performance increases are available when wolfSSL is being used to manage TLS 1.3 connections, giving your embedded SSL/TLS application the ability to greatly increase performance and use the most up-to-date versions of the TLS protocol.

Benchmark numbers showing the comparison of hardware crypto vs. software crypto can be viewed on the wolfSSL benchmark page, here: https://www.wolfssl.com/docs/benchmarks/. This page also includes sample benchmark data for the NXP i.MX6, and the TWR-K70F120M devices. More benchmarks, and details about wolfSSL and NXP can be viewed on the wolfSSL website: https://www.wolfssl.com/docs/nxp/

More News on wolfSSL Support for NXP

wolfSSL develops a full suite of products supporting NXP designs. Learn about wolfBoot secure boot and TLS 1.3 firmware update with FreeRTOS and wolfSSL on NXP Freedom Board K64 here. And as with every release cycle, 4.2.0 improved support for crypto hardware performance, now on NXP mmCAU (download the latest wolfSSL version 4.5.0 here!) 

wolfSSL also provisions surviving FIPS certificates that can be leveraged for your i.MX8, i.MX7 and i.MX8 CAAM projects. Stay tuned for upcoming FIPS 140-3 support. Also on the roadmap, upcoming support for NXP’s SE050 hardware security chip. This is an external I2C crypto co-processor chip that supports RSA key sizes up to 4096-bit, ECC curves up to 521 bit and ED25519/Curve25519. If your target is missing, tell us!

Write to us at  facts@wolfssl.com so we can learn more about your NXP projects! 

wolfSSL: https://www.wolfssl.com/

NXP Semiconductors: http://www.nxp.com/

TLS 1.3: https://tools.ietf.org/html/rfc8446