RECENT BLOG NEWS

It recently came to our attention that the preprocessor macro ALT_ECC_SIZE was missing in our documentation. As a result we decided to post a blog about this to help inform customers of the value for using this in space constrained devices using the fastmath math library with RSA/DH and ECC in wolfSSL. ALT_ECC_SIZE: The fastmath […]

A recent paper used wolfSSL as a test bed for proving out their attack on Ed25519 signatures.  You can read the paper here: https://eprint.iacr.org/2017/985.pdf .  This was not an attack on wolfSSL itself or its implementation, but rather a differential power attack that involves SHA-512 and Ed25519.  The recommended countermeasure is to change Ed25519 and […]

According to a recent article,  researchers have announced that Wi-Fi security has a protocol level exploit that can render all Wi-Fi traffic vulnerable to sniffing or manipulation. The good news is that if you are already using an independent form of end-to-end encryption such as SSL/TLS then the stolen packets are of little use as […]

wolfSSL has support for Intel SGX and we do continuous integration testing on that support. This means that every night a process starts up and runs unit tests on crypto operations in a secure Enclave. Here’s a peek at some of the on going tests in action… LINK => App GEN => trusted/Wolfssl_Enclave_t.c CC <= […]

wolfSSL has supported the ThreadX/NetX RTOS with the TLS protocol. Recently we added the ability to use DTLS with NetX. Out of the box, wolfSSL has the I/O callback functions for handling UDP packets for DTLS. As an extension to DTLS, wolfSSL also supports Multicast DTLS. If you would like to know more please contact our sales team […]

One of the major new features of TLS v1.3 is the 0-RTT handshake protocol. This variation of the handshake, using Pre-Shared Keys (PSKs), allows the client to send encrypted data to the server in the first flight. This is particularly useful for TLS on embedded devices. Take the example of IoT. There may be thousands […]

The security of wolfSSL products is always on our mind and holds high importance.  Conducting regular, diligent, and well-planned testing helps maintain wolfSSL’s robustness and security.  We strive to write and maintain clean, readable, and understandable code. Like the halting problem, we know it is impossible to test every single possible path through the software, but […]

We would like to announce that the wolfSSL embedded SSL library now has support for hardware-based cryptography and random number generation offered by the STM32F7.  Supported cryptographic algorithms include AES (CBC, CTR), DES (ECB, CBC), 3DES, MD5, and SHA1.  For details regarding the STM32F7 crypto and hash processors, please see the STM32F7 Hardware Abstraction Layer (HAL) and […]

Are you a user of PikeOS or ElinOS, and interested in a lightweight TLS 1.3 implementation?  The wolfSSL embedded SSL/TLS library now supports TLS 1.3 (drafts 18 and 20).  TLS 1.3 improves performance of establishing TLS connections by reducing the required number of round trips during the TLS handshake (including a new 0-RTT option where applications can […]

As you may know, wolfSSL includes support for offloading cryptography operations into NXP Coldfire and Kinetis devices that include the CAU, mmCAU, or LTC hardware crypto modules. Taking advantage of these modules improves performance of both the cryptography and the SSL/TLS layer running on top of it. Here is a quick comparison of performance between […]