RECENT BLOG NEWS

HPKE (Hybrid Public Key Encryption) is a key encapsulation and encryption standard that allows two parties to derive a common secret and encrypt/decrypt messages using that common secret (https://www.ietf.org/archive/id/draft-irtf-cfrg-hpke-12.txt)  HPKE has three steps in single-shot mode:  Key encapsulation (KEM) – ECC P256, P384, P521 or X25519 Hash based Key Derivation (HKDF) – SHA2-256, SHA2-384, SHA2-512 […]

ECH (Encrypted Client Hello) is a draft extension for TLS 1.3 that enables a client to encrypt its client_hello in the TLS handshake to prevent leaking sensitive metadata that is sent in the clear during the normal TLS handshake. ECH was originally proposed as ESNI (Encrypted Server Name Indication), since the server name indication is […]

In our never-ending quest to have wolfSSL supported and running on all platforms, everywhere, for everyone, we are proud to announce we are now supporting Softcore RISC-V Environments. What is a Softcore RISC-V CPU? We’re glad you asked! Softcore means the electronics are created on a “soft” and reusable FPGA instead of the one-time, hard […]

wolfSSL has various examples of user_settings.h files that you could use to configure your build. For users who can’t make use of Autotools, want to build with a custom IDE, or would like to track and manage their wolfSSL build configuration in a header file, we recommend the use of a custom user_settings.h header file. […]

Are you interested in utilizing FIPS 140-2 cryptography on the Rocky Linux™ platform?  wolfSSL will soon be adding the Rocky Linux Operating Environment to our wolfCrypt FIPS certificate.  Let us know your exact hardware to ensure we add the configuration you need.  The wolfCrypt FIPS module can be used with wolfSSL, wolfSSH, third party Open […]

Are you a college or university student interested in Internet security?  Do you want to learn about cryptography and the implementation and application of Internet protocols (SSL/TLS, SSH, MQTT, TPM)?  If so, apply for wolfSSL’s 2025 Summer of Security internship program! wolfSSL is the leading global producer of Open Source Internet security products, securing over […]

Customers have asked about CVE 2022-40735 (https://nvd.nist.gov/vuln/detail/CVE-2022-40735) and whether they are vulnerable as users of wolfSSL. The short is answer is: No. But, there are ways that you can put yourself at risk. Let’s delve into the CVE and how best to protect yourself from attacks like this. First of all, a description of the […]

Recently the PQM4 project fixed a bug that was preventing us from turning on optimizations. Please see https://github.com/mupq/pqm4/issues/229 . Naturally, this means we can run benchmarks now!  You can see the results on our benchmarking page at https://www.wolfssl.com/docs/benchmarks/#pq_kyber_kem_l1_pqm4_on_stm32. Here is an abbreviated and reformatted version of our results. We want to compare Kyber Level 1 […]

wolfSSH now runs on Green Hills Software’s INTEGRITY RTOS. Rejoice! wolfSSH will build and run almost out of the box. You will have to do a little integration work to get INTEGRITY to start the server appropriately, but at that point it plays nice with the shell application and allows for SFTP. Users can log […]

wolfSSL has supported the NXP SE050 since wolfSSL 5.0.0 (November 1, 2021), giving wolfSSL and wolfCrypt users the ability to use cryptography and secure key generation/storage inside the SE050 while using wolfSSL’s own APIs from the application level. We recently made some substantial additions and enhancements to wolfSSL’s SE050 support, including the following.  These are […]