RECENT BLOG NEWS

As a lightweight, embedded SSL library, wolfSSL has been used to secure many smart home devices such as lighting, garage doors, washers and dryers, thermostats, as well as a variety of other appliances. Security may not be the first thought when developing a smart home device, but there remains the risk of an attacker gaining […]

Hi! This note is to announce that we will be FIPS 140-2 validating our cryptography library, wolfCrypt, on the FreeRTOS platform. If you need FIPS validated crypto on FreeRTOS, let us know at facts@wolfssl.com.

For those of you who have been following our FIPS progress, we are now in the “Review Pending” phase.  See:  http://csrc.nist.gov/groups/STM/cmvp/documents/140-1/140InProcess.pdf (this link is out of date and obsolete, as wolfCrypt now has 2 FIPS validation certificates – #2425 and #3389)

A block cipher is an encryption method that applies a deterministic algorithm along with a symmetric key to encrypt a block of text, rather than encrypting one bit at a time as in stream ciphers. For example, a common block cipher, AES, encrypts 128 bit blocks with a key of predetermined length: 128, 192, or […]

wolfSSL is proud to announce that several wolfCrypt algorithms have received FIPS 140-2 algorithm certificates. The National Institute of Standards and Technology (NIST) website has been updated to reflect wolfSSL`s validation. wolfSSL`s wolfCrypt has received the following certificate numbers and can be viewed at the respective links. AES validation certification #3157 https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?validation=3157 Triple DES validation certification #1800 […]

If you are looking for an SSL/TLS library to provide security in connected ARM environments, wolfSSL is by far the best choice. wolfSSL is an ARM partner, and our code has been optimized for ARM environments. Public key operations in CyaSSL (wolfSSL) have optimized assembly code that gives wolfSSL faster RSA, Diffie-Hellman, and DSA times. […]

Below is a link to wolfSSL’s SSL/TLS tutorial video on setting up a basic client and server with the CyaSSL lightweight, embedded SSL/TLS library. This video provides a detailed step-by-step set of instructions, including code, for incorporating CyaSSL into an application. The tutorial walks through Chapter 11 of the CyaSSL manual. SSL/TLS Tutorial with CyaSSL […]

Some TLS implementations are vulnerable to the October POODLE attack that at the time was thought to be limited to SSLv3 only: https://www.imperialviolet.org/2014/12/08/poodleagain.html .  These implementations are incorrectly using a SSLV3 decoding function while in TLS mode.  wolfSSL is not susceptible, it correctly uses TLS decoding while in TLS mode.  We would like to reiterate Adam Langley’s […]

CyaSSL version 3.3.0 offers: • Secure countermeasures for Handshake message duplicates, CHANGE CIPHER without FINISHED, and fast forward attempts added to our source code.  Thanks to Karthikeyan Bhargavan from the Prosecco team at INRIA Paris-Rocquencourt for the report.  This is an important fix and all users should update! • Complete testing for FIPS 140-2 version […]

INSTEON is leading the way in the field of home automation and control technology with a line of products that include a wide range of smart home devices such as lighting, motion detectors, and security systems. All INSTEON products can be centrally accessed through the Hub, a product that has the ability to connect the […]