RECENT BLOG NEWS

So, what’s new at wolfSSL? Take a look below to check out the most recent news.
Or sign up to receive weekly email notifications containing the latest news from wolfSSL.
In addition, wolfSSL now has a support-specific blog page dedicated to answering some of the more commonly received support questions.

wolfSSL on Microchip

We recently did a preliminary port of wolfSSL to Microchip’s PIC32, which will be further explained and announced in a future release of wolfSSL. Are you using wolfSSL with a Microchip board? If so, we’re prepared to support you if you run into any problems or issues.

Let us know at info@yassl.com if you’ve tried wolfSSL with a Microchip board, or if you have any questions about wolfSSL in general.

Microchip PIC32: http://www.microchip.com/en_us/family/32bit/

– Team yaSSL

Scaling with SSL

Why is wolfSSL a great solution when you have millions of connections per server?  Memory consumption per connection can be as low as 3k, varying with the size of input and output buffers. This brings wolfSSL’s runtime memory consumption to 3-36kB depending on buffer size. Input and output buffers are created on demand when smaller than MAX_RECORD_SZ unless the user turns on STATIC_CHUNKS_ONLY.  

In contrast,  OpenSSL typically consumes 50-140k per connection.  wolfSSL emphasizes small size, speed, and low memory use.  These attributes make wolfSSL ideal for scaling on a huge magnitude.   Other libraries often run into problems when trying to scale to hundreds of thousands of connections for applications like load balancing or cloud services.  We have users doing just that.  

Want to hear about how wolfSSL is being scaled in the cloud?  Contact us and we`ll share some of the use cases currently in production.  

ARM and Avnet Launch Embedded Software Store

During the ARM Technology Conference last week, ARM and Avnet Electronics Marketing announced the launch of their online Embedded Software Store. The goal of this store is to provide developers and companies a single place to easily explore, find, and purchase software components, thus helping bring new products to market faster than ever.

The store is now online and can be viewed at www.embeddedsoftwarestore.com. Users can choose from a large collection of reputable software vendors, including yaSSL! The site offers a streamlined checkout process, including a quick download delivery system and preview of all license agreements in advance of the purchase.

Press Release: http://www.arm.com/about/newsroom/avnet-electronics-marketing-and-arm-launch-embedded-software-store.php

wolfSSL Certificate Generation Update

We`ve noticed a trend lately of the latest operating systems and browsers removing support for MD5 signed SSL certificates.  iOS 5, IE 9, and others have moved away from MD5.  wolfSSL now signs certificates with SHA-1 by default and has support for SHA-256 signed certificates as well.  If anyone would like support for SHA-512 please let us know, though it doesn`t appear to be widely adopted at the moment.  The default test certificates for embedded wolfSSL are now all SHA-1 with RSA 2048 bit.  It`s the same combination you`ll notice from most banks, paypal, and google.  If you have any questions or feedback please let us know.

Cheers,
Team yaSSL 

Energy Efficient ARM Code

Here`s an excellent article in EE Times on writing energy efficient ARM code https://www.eetimes.com/document.asp?doc_id=1279523 .

Our wolfSSL embedded SSL product is designed with many of these principles in mind, but of course the design goal of energy efficiency takes a back seat to overall security.  In some cases, the goals of energy efficiency and overall security mesh well.

By the way, come see us at ARM TechCon.  If you need a pass, let us know at info@yassl.com and we`ll send you one.

wolfSSL 2.0.0rc3 is Now Available

The latest release of wolfSSL is now ready for download: http://yassl.com/yaSSL/Download.html .  

New features in the embedded SSL release include better autoconf support, allowing easier integration with other projects whether those projects use autoconf or not.  More complete make install and uninstall, using the default system directories.  make test / make check are now implemented.  The wolfSSL headers are now in while the CTaoCrypt headers can be found in .  Our main OpenSSL compatibility header is now and the rest are located in .  

Special thanks to Brian Aker for his suggestions and patches that contributed to the overhaul.  For more information check out the updated wolfSSL Manual.

Team yaSSL

TLS 1.0 Cracked

It has been widely publicized that TLS (any version less than or equal to 1.0), using AES-CBC mode has been recently cracked.  We have received a number of questions and there has been a flurry of activity in the SSL world around this topic.  Hence, we feel compelled to make a few statements of our own.  Here are our thoughts:

1.  The current crack is specific to TLS, versions less than or equal to 1.0.  We support both TLS 1.1 and TLS 1.2.  

2.  We have supported TLS 1.2 for over 18 months now, and believe that we have the most robust and well tested implementation.

3.  We can also note that we`ve done as much TLS 1.2 interop testing as possible.  

To protect yourself from this attack, we recommend using either TLS 1.1 or TLS 1.2 in your project or application. If you must use an older version of the protocol (SSL 3.0, TLS 1.0), we recommend that you use stream ciphers, as they are not vulnerable to the CBC crack. wolfSSL supports several stream ciphers including ARC4, RABBIT, and HC-128. For a full list of wolfSSL features, please see the product page.

References on the above will follow in further posts on our blog. If you have any questions, please contact us at info@yassl.com.

Posts navigation

1 2 3 84 85 86 87 88 89 90 103 104 105

Weekly updates

Archives

Latest Tweets