RECENT BLOG NEWS

So, what’s new at wolfSSL? Take a look below to check out the most recent news, or sign up to receive weekly email notifications containing the latest news from wolfSSL. wolfSSL also has a support-specific blog page dedicated to answering some of the more commonly received support questions.

FIPS 140-3 and CNSA 2.0 with a Single TLS Connection

Can you believe it? With wolfSSL you can now have a TLS 1.3 connection that is compliant with both FIPS 140-3 and the CNSA 2.0! Want to know how?

For key establishment, we can use the new ML-KEM-1024 (also known as Kyber-1024 which is at security level 5 as defined by NIST) hybridized with ECDH on curve P-521.

In terms of authentication, we can use our dual algorithm certificates where the conventional algorithm is ECDSA on curve P-521 and the alternative algorithm is ML-DSA-87 (also known as Dilithium 5 which is at security level 5 as defined by NIST). The server would then also have conventional and alternative private keys so they would both be used to sign the transcript.

For the cipher suite, We can use AES-256-GCM-SHA384; this is approved by both FIPS 140-3 and CNSA 2.0.

And just like that, we have dual compliance! Want more details and a demo with steps to do it yourself? Not to worry, we’ll have a webinar soon to explain how you can achieve this yourself as well! Please stay tuned.

If you have questions about any of the above, please contact us at facts@wolfSSL.com or +1 425 245 8247.

Download wolfSSL Now

Do you have code that can be upgraded to Post Quantum?

By now most people interested in security have heard about the NIST Post Quantum Announcement and the specific algorithms derived from CRYSTALS-Dilithium, CRYSTALS-KYBER and SPHINCS. Our team was there at the White House!

We’ve had experimental Post Quantum support for years. See our blog from 2021: Hybrid Post Quantum Groups in TLS 1.3. Post Quantum has also been in cURL since 2021 as well. We’ve developed PQ libraries that work on everything from the largest computer systems to the smallest devices such as the Espressif ESP32!

But do you know if and how your code can be upgraded to take advantage of these new standards? We can help! We have a variety of public and internal tools that can be used to quickly and efficiently search your codebase for API calls that are targets for Post Quantum upgrades.

When you are ready to move on to the next step, wolfSSL will be there for you! Need to have your project NIST Certified? Recently we announced that wolfSSL is the First in the World to offer FIPS 140–3 Automated Submission with our NIST Certificate #4718.

For more details, see our blog What is FIPS (In-Depth Overview).

Have specific requests or technical questions? We’d love to hear from you! Please reach out to us at support@wolfSSL.com or open an issue on GitHub. For general inquiries, please contact us at facts@wolfSSL.com or +1 425 245 8247.

Download wolfSSL Now

Rapid prototyping with Arduino and wolfSSL

RapidPrototyping wolfSSL v5.7.2 on Arduino

Do you have an idea for a project but want a quick prototype without the hassle of a custom board? We’re happy to announce that our latest wolfSSL v5.7.2 library is now available in the Arduino Registry for rapid prototypes.

Just type “wolfSSL” in the Library Manager of the Arduino IDE. If nothing happens right away, check to see if the IDE is downloading updates as indicated in the lower-right corner of the app and wait for the process to complete.

There are TLS Client and Server apps, as well as a bare-bones Hello World that just prints the wolfSSL version. See the bottom of the list in Files – Examples – “Examples from Custom Libraries” in the IDE.

Just edit the SSID and Password:

All of the source code is available at: https://github.com/wolfSSL/Arduino-wolfSSL. We also have a more detailed Getting Started with wolfSSL on Arduino guide.

Want to check performance? Check out our recent blog: How do you benchmark cryptography?

When you are ready to move on to the next step, wolfSSL will be there for you! Need to have your project NIST Certified? Recently we announced that wolfSSL is the First in the World to offer FIPS 140–3 Automated Submission with our NIST Certificate #471.

See our prior blogs on:

The What is FIPS (Quick Overview) blog also applies to RISC-V with regards to how your RISC-V Operating Environment (“OE”) can be certified:

  1. You send us your hardware and toolchain.
  2. We run the initial tests which ensure the cryptography module behaves according to specification given your specific hardware and operating system.
  3. The CMVP certified lab runs and verifies the tests and their documentation.
  4. The test results are submitted to CMVP for review.
  5. Your specific operating environment is added to our certificate.
  6. You are FIPS 140 compliant in 60-90 days.

For more details, see our blog What is FIPS (In-Depth Overview).

Have specific requests or technical questions? We’d love to hear from you! Please reach out to us at support@wolfSSL.com or open an issue on GitHub. For general inquiries, please contact us at facts@wolfSSL.com or +1 425 245 8247.

Download wolfSSL Now

Live Webinar: Mastering curl Command Line Training

Master one of the most powerful tools in a developer’s toolkit. Join us for an exclusive live webinar where Daniel Stenberg, the creator of curl, will guide you through the ins and outs of this essential command-line tool.

Register today: Mastering curl Command Line Training
Date: September 5th | 10 am PT

curl is the Swiss Army knife of Internet transfers, widely used for its robust command-line options. Over the years, new features have been continuously added, making it even more versatile.

This talk will highlight some of the most powerful and intriguing recent additions to curl, including lesser-known tricks that can enhance your command lines, expand your “tool belt,” and boost your productivity. We’ll also cover trurl, a newly created companion tool for URL manipulations that you might not yet realize you need.

Register now! This presentation could take your curl skills to the next level.

As always, our webinars will include Q&A sessions throughout. If you have questions on any of the above, please contact us at facts@wolfSSL.com or +1 425 245 8247.

Download wolfSSL Now

wolfSSH VxWorks FIPS 140-3

Do you need SSH support for an embedded device running VxWorks and do you have a FIPS 140-3 requirement? wolfSSL has what you need: wolfSSH, an embedded SSH library running on top of our wolfCrypt FIPS library, and the wolfCrypt module holds the world’s first SP800-140Br1 FIPS 140-3 Validated, Certificate #4718.

While full FIPS 140-3 support on VxWorks isn’t here yet, stay tuned! Exciting developments are on the horizon. We’re working hard to bring this capability to you in the very near future!

Interested in learning more or preparing for what’s ahead? Email us at fips@wolfSSL.com, and let’s discuss how we can help you integrate wolfSSH into your VxWorks application and guide you through the FIPS process when the time comes.

If you have questions about any of the above, please contact us at facts@wolfSSL.com or +1 425 245 8247.

Download wolfSSL Now

Learn more about wolfSSL at Espressif DevCon 24

Espressif DevCon24 Getting Started with wolfSSL Best-Tested Commercial-Grade Cryptographic Libraries

It’s Expressif DevCon season again, and everyone is excited to attend the free online Espressif Developer Conference September 3-5 2024, 13:00-18:30 CEST (3 AM to 9:30 AM Pacific). For those of you on the West Coast of the USA, the wolfSSL presentation is on Day 2 at 8:30 AM Pacific Time.

Many people have already attended live or viewed another Getting Started webinar already available on YouTube:

Getting Started with wolfSSL on the Espressif ESP32

The wolfSSL presentation at Espressif DevCon24 will cover even more material and dive into a specific coding example of establishing your own TLS connection. We’ll also discuss how to use wolfSSL Managed Components, using various platforms such as Arduino, PlatformIO, VS Code, Visual Studio with VisualGDB, and more.

Tune in and learn more about why wolfSSL is the world’s leader in cryptographic solutions for the ESP32 and many other devices.

Check out our Espressif Examples on Github.

Ready to take your project to the next level? Not only do we have Post Quantum solutions for he ESP32, but we also recently announced that wolfSSL is the First in the World to offer FIPS 140–3 Automated Submission with our NIST Certificate #4718.

See our prior blogs on:

Have a specific request or questions? We’d love to hear from you. Please contact us at support@wolfSSL.com or open an issue on GitHub.

If you have questions about any of the above, please contact us at facts@wolfSSL.com or +1 425 245 8247.

Download wolfSSL Now

Part 5: 5 Real-World Use Cases and Troubleshooting

Are you interested in FIPS 140-3 RISC-V Certification? Check out our RISC-V Announcement:

wolfSSL Embraces RISC-V; FIPS 140-3 Certifications Now Available

Here are some places where wolfSSL can be found:

  1. Hex Five And wolfSSL Announce The First Secure IoT Stack For RISC-VHex Five Security, Inc., in collaboration with wolfSSL, has developed the first secure IoT stack for RISC-V, which is a significant advancement for secure embedded systems. This stack integrates Hex Five’s MultiZone™ Security, a trusted execution environment (TEE) that allows for hardware-enforced separation of software components into multiple isolated zones, with wolfSSL’s TLS 1.3 cryptographic library. This combination ensures that any security vulnerabilities in one part of the system are contained, preventing them from compromising the entire IoT device.

    “wolfSSL, a leading provider of TLS cryptography and Hex Five Security, provider of MultiZone™ Security, the first Trusted Execution Environment for RISC-V announce general availability of the industry-first secure IoT stack for RISC-V – a TLS 1.3 reference implementation of freeRTOS with hardware-enforced separation between OS, TCP/IP stack and root of trust”

    This secure IoT stack is particularly valuable for RISC-V developers as it addresses the security challenges inherent in monolithic system designs by enabling fine-grained separation and protection of system functions. The stack is open source and available for developers on GitHub, promoting wider adoption and innovation within the RISC-V community?.

  2. wolfSSL and Synopsys are working together to bring the wolfSSL portfolio of products to the Synopsys ARC® architecture.The Synopsys ARC Access Program is a collaborative initiative that supports a diverse ecosystem of hardware and software vendors in developing optimized solutions for Synopsys DesignWare® ARC® processors. The program provides members with access to essential development tools, such as ARC MetaWare, as well as opportunities for joint marketing and technical collaboration. This ecosystem is designed to accelerate the development and deployment of ARC-based embedded systems across various industries.

    As part of this program, wolfSSL offers its lightweight and embedded security solutions, which are highly optimized for speed, size, and portability, to enhance the security of ARC-based systems. This collaboration helps developers integrate advanced cryptographic features into their designs, ensuring secure communication and data protection in embedded applications.

  3. Microchip Microsemi PolarFire SoCThe Microchip Microsemi Accelerate Ecosystem Partner Program is a collaborative initiative that connects Microsemi with industry leaders in silicon, IP, systems, software, and design services to deliver integrated and pre-validated solutions. This program helps partners accelerate time to market and revenue generation through technology collaboration, joint marketing efforts, and sales acceleration. Notably, wolfSSL, a leading provider of SSL/TLS libraries, is part of this ecosystem, offering secure communication solutions that integrate with Microsemi’s products, enhancing security and performance for end customers?.
  4. Lightway, ExpressVPN’s new protocol for a superior VPN experienceWe at wolfSSL are proud to be partners with the awesome team over at ExpressVPN.

    Also read what you need to know about the OpenSSL bug:

    “Our Lightway VPN protocol uses wolfSSL for all of its cryptographic needs and does not use OpenSSL at all. That means that all Lightway clients and servers are totally unaffected by the OpenSSL bug. If you connect to ExpressVPN using Lightway (which is the default in our apps), you’ll be protected by wolfSSL”

  5. Espressif Managed ComponentsAnother company leveraging wolfSSL for RISC-V is Espressif, specifically in their ESP32-C3 and ESP32-C6 devices. wolfSSL has integrated RISC-V hardware acceleration into these devices, enhancing cryptographic performance. This integration allows Espressif’s RISC-V-based chips to benefit from the high-performance, lightweight SSL/TLS libraries that wolfSSL is known for, providing secure communication capabilities optimized for embedded systems.

    There are more details on Getting Started with Managed Components in our prior blog.

    See also:

Having any questions or problems with wolfSSL? We want to help!

  1. Check out the documentation
  2. Reach out to us on our product forums
  3. Open a GitHub issue
  4. View the wiki
  5. Send us an email at support@wolfSSL.com

Are you interested in RISC-V or FIPS Certification? We want to hear about your project!

If you have questions about any of the above, please contact us at facts@wolfSSL.com, +1 425 245 8247, or open an issue on GitHub.

Download wolfSSL Now

Part 4: Customization and Advanced wolfSSL Features on RISC-V

Are you interested in FIPS 140-3 RISC-V Certification? Check out our RISC-V Announcement:

wolfSSL Embraces RISC-V; FIPS 140-3 Certifications Now Available

The RISC-V architecture, known for its open-source and customizable nature, has seen a growing adoption in various embedded systems and IoT applications. As developers continue to push the boundaries of what RISC-V can achieve, the need for robust, secure, and highly optimized cryptographic solutions has become increasingly important. Enter wolfSSL, a lightweight SSL/TLS library that has been tailored for the unique demands of RISC-V environments.

Customization and advanced features of wolfSSL on RISC-V include hardware acceleration optimizations, particularly on platforms like Espressif’s ESP32-C3 and ESP32-C6 (see examples), where wolfSSL enhances performance with RISC-V assembly-level optimizations. These optimizations not only improve the speed of cryptographic operations but also ensure a smaller footprint, making them ideal for resource-constrained environments. Additionally, wolfSSL supports the integration of secure bootloaders, secure communication protocols, and FIPS 140-3 certifications, offering developers the tools needed to build secure, reliable, and high-performance systems on RISC-V.

This customization capability allows developers to tailor security features to their specific needs, leveraging the flexibility of RISC-V to create advanced, secure applications that meet the rigorous demands of modern embedded systems.

How can you make your application [Better | Faster | Smaller | More Secure] ?

The first place to look for customization is our Tuning Guide to get an overview. There are also some sample user setting files as described in a prior blog: Using user_settings.h with wolfSSL.

Wondering where to get started? We have examples that should work on nearly every Windows/Mac/*nix platform (let us know if you find one that doesn’t!). There are also numerous examples for different environments and IDE platforms.

Check out our recent blog: Top 5 Build Options To Improve wolfCrypt/wolfSSL Performance.

If you have questions about any of the above, please contact us at facts@wolfSSL.com or +1 425 245 8247.

Download wolfSSL Now

Live Webinar: World’s first SP800-140Br1 FIPS 140-3 validated certificate #4718

We’re thrilled to share a major milestone with you: wolfSSL has achieved the world’s first SP800-140Br1 FIPS 140-3 validated certificate (#4718)! This groundbreaking achievement underscores our dedication to delivering unparalleled security solutions. To celebrate, join us for an exclusive webinar hosted by wolfSSL Senior Software Engineer, Kaleb Himes, on August 28th at 10 AM PT!

Register Today: World’s First SP800-140Br1 FIPS 140-3 Validated Certificate #4718
Date: August 28th | 10 AM PT

What You’ll Learn:

  • Breaking New Ground: Discover the significance of our world-first SP800-140Br1 FIPS 140-3 validated certificate.
  • Seamless Integration: Find out how our solutions work with OpenSSL, including Provider and Engine support.
  • Java Security: Explore our FIPS-validated solutions for Java JSSE/JCE frameworks.
  • Commercial Excellence: Learn about the only general-purpose commercial FIPS solution available in the market.
  • Expert Insights: Engage with the wolfSSL team and get expert advice on navigating FIPS certification and implementation.

This is your chance to be part of a historic moment in cybersecurity! Kaleb will share invaluable insights, practical knowledge, and answer your questions in a live Q&A session.

Don’t miss out—register now and be part of this exciting event!

As always, our webinars include Q&A sessions. If you have questions about any of the above, please contact us at facts@wolfSSL.com or +1 425 245 8247.

Download wolfSSL Now

Posts navigation

1 2 3 4 5 6 183 184 185

Weekly updates

Archives