RECENT BLOG NEWS

So, what’s new at wolfSSL? Take a look below to check out the most recent news, or sign up to receive weekly email notifications containing the latest news from wolfSSL. wolfSSL also has a support-specific blog page dedicated to answering some of the more commonly received support questions.

yaSSL Embedded Web Server Porting Services

Are you interested in using the yaSSL Embedded Web Server in your project or on your device but have discovered that it currently lacks support for your desired platform? yaSSL offers a porting service for the yaSSL Embedded Web Server for just this occasion.

If you are interested in having us port the yaSSL Embedded Web Server to your platform, please contact us at info@yassl.com for more information about cost and time estimates.

Born in the USA!

We receive a lot of questions about the origins of the CyaSSL and CTaoCrypt software packages.  We get asked where they were developed, and by who?  These questions usually come from US government agencies and their contractors.  Simply stated, mes amis, CyaSSL was Born in the USA and written by US citizens.

If you have any additional questions about the origins of the CyaSSL embedded SSL library, please contact us at info@yassl.com

Benchmarking the wolfSSL Embedded SSL Library

Many of our users are curious about how the wolfSSL embedded SSL library will perform on a specific hardware device or in a specific environment. Because of the wide variety of different platforms and compilers used today in embedded, enterprise, and cloud-based environments, it is hard for us to give generic performance calculations across the board.

To help our users and customers in determining SSL performance for wolfSSL / CTaoCrypt, we provide a benchmark application which is bundled with wolfSSL. wolfSSL uses the CTaoCrypt cryptography library for all crypto operations by default. Because the underlying crypto is a very performance-critical aspect of SSL/TLS, our benchmark application runs performance tests on CTaoCrypt’s algorithms.

The benchmark utility is located in ctaocrypt/benchmark. Typical output may look like:

./ctaocrypt/benchmark/benchmark
AES 5 megs took 0.033 seconds, 149.84 MB/s
ARC4 5 megs took 0.017 seconds, 297.23 MB/s
HC128 5 megs took 0.004 seconds, 1185.10 MB/s
RABBIT 5 megs took 0.011 seconds, 453.14 MB/s
3DES 5 megs took 0.236 seconds, 21.18 MB/s

MD5 5 megs took 0.011 seconds, 444.13 MB/s
SHA 5 megs took 0.019 seconds, 261.73 MB/s
SHA-256 5 megs took 0.041 seconds, 122.98 MB/s
SHA-512 5 megs took 0.023 seconds, 213.44 MB/s

RSA 2048 encryption took 0.11 milliseconds, avg over 100 iterations
RSA 2048 decryption took 2.36 milliseconds, avg over 100 iterations
DH 2048 key generation 0.88 milliseconds, avg over 100 iterations
DH 2048 key agreement 0.92 milliseconds, avg over 100 iterations

This is especially useful for comparing the public key speed before and after changing the math library. You can test the results using the normal math library (./configure), the fastmath library (./configure –enable-fastmath), and the fasthugemath library (./configure –enable-fasthugemath).

As always, please contact info@yassl.com with any questions or comments.

GCM Encryption Mode Coming to wolfSSL

We`ve started implementing Galois/Counter Mode (GCM) into wolfSSL.  Specifically for use with AES and as a cipher suite for embedded SSL.  One of the benefits of GCM is its efficiency and its performance appears to be pretty good as well.  As an authenticated encryption algorithm it provides both integrity and confidentiality.  We expect to see it more widely adopted in the near future.  If you`re interested in testing AES with GCM or have any question or comments please let us know.

GCM (Wikipedia): http://en.wikipedia.org/wiki/Galois/Counter_Mode

-Team yaSSL

wolfSSL in the Embedded Software Store

A short time ago, we announced the unveiling of the online Embedded Software Store by ARM and Avnet (previous post). Since that time, there has been some feedback on the site itself and many bugs and errors have been fixed.

We wanted to point our readers to the wolfSSL product page on the Embedded Software Store, now that it has been updated. Do you have any feedback on the store itself or on the wolfSSL product page? Do you like the idea of having an online store for your embedded software needs?

wolfSSL Product Page (Embedded Software Store):
http://embeddedsoftwarestore.com/store/em/SearchCommand?storeId=500201&langId=-1&catalogId=500201&action=Product&R=5001841600038

We look forward to hearing your thoughts at info@yassl.com.

Thanks!
– yaSSL

wolfSSL 2.0.2 is Now Available

Version 2.0.2 of the wolfSSL embedded SSL/TLS library has been released and is now available for download! The first final release of wolfSSL 2.0 after three release candidates provides users and customers with additional bug fixes and feature enhancements. Specifically, version 2.0.2 adds:

– Bug fixes
– CTaoCrypt Runtime library detection settings when directly using the crypto library
– Default certificate generation now uses SHAwRSA and adds SHA256wRSA generation
– All test certificates now use 2048-bit and SHA-1 for better modern browser support
– Direct AES block access and AES-CTR (counter) mode
– Microchip pic32 support

To download the open source, GPLv2-licensed version of wolfSSL 2.0.2, please visit our Download Page. If you have any questions or comments or would like more information on commercial versions of wolfSSL, please contact us at info@yassl.com.

For build instructions, a full feature list, API reference, and more, please see the wolfSSL Manual.

Secure your printer, prevent fires!

We`ve noticed a couple articles lately mentioning printers as potential attack vectors.  One is particularly disturbing in that not only is a network breach possible, as if that`s not bad enough, but cracked firmware could cause a printer to heat up enough to start a fire: http://redtape.msnbc.msn.com/_news/2011/11/29/9076395-exclusive-millions-of-printers-open-to-devastating-hack-attack-researchers-say .  

An easy way to prevent attack vectors like these is to build in a secure firmware updater.  Of course we think the embedded SSL solution wolfSSL is a perfect fit for this job.  Several printer models already use wolfSSL to secure documents and resources on the network.  We`d like to assist and provide tools to printer vendors (or any device vendor really) to protect the firmware, preventing attacks against data, property, and even lives.  Let us know if you have any questions or comments or are interested in building/using tools for firmware protection.

Team yaSSL.

wolfSSL Supports Forward Secrecy

Ever wondered what forward secrecy is and how it applies to SSL/TLS?  Forward secrecy protects current encryption even in the event of a future crack of a long term private key.  Using ephemeral keying in TLS with DHE or ECDHE yields this protection because the temporary key is unique and never used again.  So even if the server`s private key is cracked two years from now your current communication is still secure.  wolfSSL offers several cipher suites that give users this added security:

TLS_DHE_RSA_WITH_AES_256_CBC_SHA256
TLS_DHE_RSA_WITH_AES_128_CBC_SHA256

TLS_DHE_RSA_WITH_AES_256_CBC_SHA
TLS_DHE_RSA_WITH_AES_128_CBC_SHA

TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA
TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA
TLS_ECDHE_RSA_WITH_RC4_128_SHA
TLS_ECDHE_ECDSA_WITH_RC4_128_SHA
TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA
TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA
  
If you have any comments or questions please let us know.

Happy Thanksgiving, 
Team yaSSL

Posts navigation

1 2 3 164 165 166 167 168 169 170 183 184 185

Weekly updates

Archives