RECENT BLOG NEWS

Here`s a good article if you`re wondering how SHA-3 will be used:  http://community.embeddedswstore.com/t5/Embedded-Connection/Why-Does-Embedded-Security-Get-Overlooked/ba-p/286 From the article: “What then will SHA-3 be good for? While Polk says it may take years to identify all the possibilities for Keccak, it immediately provides an essential insurance policy in case SHA-2 is ever broken. He also speculates that the […]

Researchers from two German universities have found that a large number of Android applications available today in the Google Play store have vulnerabilities related to SSL usage which may open the door for malicious man-in-the-middle attacks. You can find several blog posts explaining the vulnerabilities including one from Network World and the H Online. The […]

On October 12, NIST announced Keccak as the winner of its Secure Hash Algorithm (SHA-3) competition. Keccak is designed to permute the data in a different manner than MD5, SHA-1, and SHA-2, making it immune to many of the attacks on those hashes. It promises roughly 13 cycles per byte to process the hash. The […]

Do you currently use the Yocto Project or OpenEmbedded? We would like to announce the availability of the “meta-yassl” layer for both Yocto and OpenEmbedded. This layer adds support for the lightweight wolfSSL embedded SSL library to these projects and can be easily added to your existing Yocto or OpenEmbedded setup. The layer can be […]

yaSSL and Intel have jointly published a white paper describing how Intel’s AES-NI can be used with the wolfSSL embedded SSL library. This paper provides a brief overview of the Intel AES-NI instructions and demonstrates the performance gains realized when Intel AES-NI is used in place of a more traditional software-only based AES implementation. The […]

You may have noticed that with our most recent release of the wolfSSL embedded SSL library (2.3.0), we have made our example client and server applications more flexible and easier to use. These updated applications – client (./examples/client/client) and server (./examples/server/server) – now offer a variety of command line options to adjust things ranging from […]

The CRIME attack has been in the news recently, and some of our users have been asking about it.  The short version of responding to the attack is simple:  disable TLS compression.  In wolfSSL, compression is disabled by default.  The Tor project has posted an excellent explanation of the attack in their blog.  For more […]

Hi!  To our users concerned about the following security advisory:  http://www.securelist.com/en/advisories/50605 (as of 26 March 2018 at 9:28am MDT, this link no longer works and has no alternative), it is a vulnerability related specifically to SSL 3.0 and TLS 1.0.  When using CyaSSL, you can avoid this vulnerability using one of several methods, including: 1. Using […]

If you are a user of the popular MacPorts project on OS X, you may be happy to hear that the wolfSSL embedded SSL library is now available as a MacPorts package. If you are not familiar with the MacPorts Project, a brief summary from their website does an excellent job of explaining the project. […]

As you may know, CTaoCrypt is the underlying cryptography library used by the wolfSSL embedded SSL library. We’ve had several users choose to use CTaoCrypt’s crypto algorithms because they are easy to isolate and use independently of the library itself. For example, if you need to use MD5 in your own code but don’t want […]