RECENT BLOG NEWS

Secure Renegotiation will allow for a server to differentiate between an initial connection and a renegotiation, protecting against “man-in-the-middle” attacks during renegotiations. “Secure Socket Layer (SSL) and Transport Layer Security (TLS) renegotiation are vulnerable to an attack in which the attacker forms a TLS connection with the target server, injects content of his choice, and […]

Simple Certificate Enrollment Protocol, better known as SCEP, is a way to simplify certificate handling for everyday users. This Public Key Infrastructure communication protocol is designed to enable certificate management and certificate/CRL queries within a closed network. According to the Internet Engineering Task Force, SCEP uses PKCS#7 and PKCS#1 over HTTP and supports CA and […]

Preliminary benchmarks on the upcoming curve25519 implementation display why it is listed as being a speed record breaker. On average, a TLS connection using curve25519 with RSA signature, 128 bit AES and SHA is approximately 15 percent faster than when using NIST curves with the same suite. When using the recently released ChaCha20-Poly1305 suite and […]

CyaSSL version 3.2.0 has been released and is now available for download from the wolfSSL website.  This release includes bug fixes and several new features which we think will be beneficial to our user and customer base.  Fixes and features include: – ChaCha20 and Poly1305 crypto and suites– Small stack improvements for OCSP, CRL, TLS, […]

Retailers worldwide have been scrambling to maintain secure POS(point of sale) systems after the latest security breaches to corporations such as UPS, Target and, most recently, Home Depot. Larger corporations should not be the only ones concerned. According to the RSA Conference blog post, “Understanding PoS Malware Infecting Retailers,” the malware involved is simple to […]

Open Source plays an important role in securing the Internet of Things. As more embedded products become available and security updates are required, devices will reach end-of-life, no longer supported by their creators, but will still remain in use. In the case of an open source project, developers within the open source community can contribute […]

Recently at the CRYPTO 2014 conference rump sessions several interesting papers were presented. Ron Rivest presented a paper he and Jacob C. N. Schuldt wrote on finding an improved replacement for the RC4 stream cipher they named Spritz. Their goal was to find a drop in replacement for RC4 that wasn’t susceptible to the known […]

wolfSSL has released a case study highlighting how Sensity Systems is using the CyaSSL lightweight SSL/TLS library to secure Light Sensory Networks (LSNs).  This case study highlights the key requirements Sensity had for securing their devices, how CyaSSL was used as a solution, and summarizes Sensity’s thoughts on the project. As stated on the Sensity […]

CyaSSL now has example projects that can be compiled in Code Composer Studio (CCS) and debugged on the Tiva™ C Series TM4C1294NCPDT (1294XL) Connected Launchpad. Please see the README under wolfSSL / wolfssl-examples / tirtos_ccs_examples on www.github.com for instructions on building CyaSSL with Texas Instruments-Real Time Operating System (TI-RTOS). Please visit http://www.ti.com/tool/sw-tm4c for all other […]

IBM`s operating system, AIX (Advanced Interactive eXecutive), is the standard operating system for the RS/6000 series. The RS/6000 series being UNIX servers, workstations, and supercomputers made by IBM. AIX is also currently supported in IBM`s Power Systems. One of the notable features in their 2010 release is that it could support 256 cores /1024 threads […]