RECENT BLOG NEWS
Or sign up to receive weekly email notifications containing the latest news from wolfSSL.
In addition, wolfSSL now has a support-specific blog page dedicated to answering some of the more commonly received support questions.
As the security of individual field devices (sensors, transmitters, acuators, etc.) is often overlooked, these devices can provide a target for cyber attacks. This article by Matt Luallen of Control Engineering explains this fact in more detail – once again reminding us that security of such devices should not be taken lightly. Luallen states that “If your technicians can configure a field device through the control system, dedicated handheld tools, or by plugging in a laptop to the network, an attacker can do the same thing if he follows the right path.”
Secure communication is an important building block of device security. The wolfSSL embedded SSL library has been designed for resource-constrained embedded systems and can easily be added to your device. To learn more about wolfSSL and how it can help with your device security, feel free to contact us at firstname.lastname@example.org.
Security At The Device Level: http://www.controleng.com/single-article/security-at-the-device-level/
yaSSL has made great progress 2011! Company growth, active partnerships, technical improvements, and our community have all made great strides forward. We are very happy with the results of 2011 and look forward to an exciting year in 2012! Looking to 2012, we are planning ongoing improvements to our technology and have doubled our technical resources in order to better serve our users in 2012.
Listed below is an overview of our progress in 2011.
Business and Company Progress
1. We participated and/or exhibited in the following events: FOSDEM, ESC Silicon Valley, O`Reilly MySQL Conference & Expo, RSA Conference, Game Developers Conference, Infosecurity Europe, OSCON, ESC Boston, and the ARM Technology Conference
2. We gave presentations at both FOSDEM 2011 (Lightning Talk) and the 2011 O`Reilly MySQL Conference (Securing MySQL with a Focus on SSL) and published an article in the Linux Journal (Installing an Alternate SSL Provider on Android). Our presentations can be found on our Media page.
4. Our customer base doubled in 2011 and we increased our revenues by 5X.
Meaningful progress with our partner community:
1. ARM: wolfSSL is now included in the ARM / Avnet Embedded Software Store (www.embeddedsoftwarestore.com).
2. Intel: Continued a successful partnership with Intel, along with becoming a general member of the Intel Embedded Alliance
3. We added Security Innovation and SkypeKit as a new partners.
4. We added KoanLogic as a new partner.
wolfSSL Technical Progress
Feature highlights from our five releases of the wolfSSL embedded SSL library in 2011 include:
1. Added Elliptic Curve (ECC) cipher suites to wolfSSL
2. Added support for ECC, EC-DSA, and EC-DH to our CTaoCrypt crypto library
3. Better TLS 1.2 support through more comprehensive interoperability testing with other SSL implementations
4. Added SHA256 cipher suites and certificate signatures
5. Added PKCS8 private key encryption support
6. Added Password based key derivation function 2 (PBKDF2)
7. Added PKCS #12 PBKDF support as part of our plan to get to full PKCS12 support
8. Included UID parsing for x509 certificates
9. Included runtime memory hooks for users wanting to change memory functions at runtime
10. Added runtime hooks for customizable logging ability
11. Added compiler function visibility and better naming for less namespace pollution
12. Created simpler header structure for users
13. Added make test support
14. CTaoCrypt runtime library detection ability
15. Added AES counter (CTR) mode
16. EDH on both client and server sides
17. Made NTRU Cipher Suites available
yaSSL Embedded Web Server Progress
1. Released version 0.2 with bug fixes and feature enhancements
1. Improved documentation and examples
1. CURL port. wolfSSL can now be built with CURL (as a build option).
2. Mbed Release. wolfSSL was ported to Mbed in late 2010 and is now available for the Mbed cloud compiler.
3. KLone Web Application Framework. wolfSSL is now ported to the KLone Web Application Framework by KoanLogic.
4. memcached patch. wolfSSL now provides SSL security for memcache.
5. FreeRTOS support. wolfSSL now supports FreeRTOS/OpenRTOS.
6. Haiku OS. wolfSSL now works with the Haiku Operating System.
7. lwIP support. wolfSSL now supports running on top of lwIP.
8. Microchip pic32 support. wolfSSL now supports running on the pic32.
9. reSIPprocate port
10. We now support wpa_supplicant as a compile time option.
11. Added hostapd support
12. Apple TV port: wolfSSL and yasslEWS now can be run on the Apple TV.
13. Added wolfSSL crypto provider to MIT Kerberos library.
14. wolfSSL Android NDK package. wolfSSL can now be used in Android NDK applications.
15. Ported MIT Kerberos to Android using Google’s Android NDK.
Code & Community
1. Migrated wolfSSL code to GitHub
2. Introduced the yaSSL Support Forums
3. Added BMX6 to the wolfSSL Community
We are looking forward to the upcoming year and sharing new features and technology improvements with our embedded SSL users and community.
Are you interested in using the yaSSL Embedded Web Server in your project or on your device but have discovered that it currently lacks support for your desired platform? yaSSL offers a porting service for the yaSSL Embedded Web Server for just this occasion.
If you are interested in having us port the yaSSL Embedded Web Server to your platform, please contact us at email@example.com for more information about cost and time estimates.
We receive a lot of questions about the origins of the CyaSSL and CTaoCrypt software packages. We get asked where they were developed, and by who? These questions usually come from US government agencies and their contractors. Simply stated, mes amis, CyaSSL was Born in the USA and written by US citizens.
If you have any additional questions about the origins of the CyaSSL embedded SSL library, please contact us at firstname.lastname@example.org
Many of our users are curious about how the wolfSSL embedded SSL library will perform on a specific hardware device or in a specific environment. Because of the wide variety of different platforms and compilers used today in embedded, enterprise, and cloud-based environments, it is hard for us to give generic performance calculations across the board.
To help our users and customers in determining SSL performance for wolfSSL / CTaoCrypt, we provide a benchmark application which is bundled with wolfSSL. wolfSSL uses the CTaoCrypt cryptography library for all crypto operations by default. Because the underlying crypto is a very performance-critical aspect of SSL/TLS, our benchmark application runs performance tests on CTaoCrypt’s algorithms.
The benchmark utility is located in ctaocrypt/benchmark. Typical output may look like:
AES 5 megs took 0.033 seconds, 149.84 MB/s
ARC4 5 megs took 0.017 seconds, 297.23 MB/s
HC128 5 megs took 0.004 seconds, 1185.10 MB/s
RABBIT 5 megs took 0.011 seconds, 453.14 MB/s
3DES 5 megs took 0.236 seconds, 21.18 MB/s
MD5 5 megs took 0.011 seconds, 444.13 MB/s
SHA 5 megs took 0.019 seconds, 261.73 MB/s
SHA-256 5 megs took 0.041 seconds, 122.98 MB/s
SHA-512 5 megs took 0.023 seconds, 213.44 MB/s
RSA 2048 encryption took 0.11 milliseconds, avg over 100 iterations
RSA 2048 decryption took 2.36 milliseconds, avg over 100 iterations
DH 2048 key generation 0.88 milliseconds, avg over 100 iterations
DH 2048 key agreement 0.92 milliseconds, avg over 100 iterations
This is especially useful for comparing the public key speed before and after changing the math library. You can test the results using the normal math library (./configure), the fastmath library (./configure –enable-fastmath), and the fasthugemath library (./configure –enable-fasthugemath).
As always, please contact email@example.com with any questions or comments.
Hi! Team yaSSL has been considering the addition of the GOST block cipher to our wolfSSL embedded SSL library. If you are unfamiliar with GOST, there is a great wikipedia article here: http://en.wikipedia.org/wiki/GOST_(block_cipher). If you think wolfSSL should include GOST, then let us know. We appreciate your feedback. Just contact us at firstname.lastname@example.org.
We`ve started implementing Galois/Counter Mode (GCM) into wolfSSL. Specifically for use with AES and as a cipher suite for embedded SSL. One of the benefits of GCM is its efficiency and its performance appears to be pretty good as well. As an authenticated encryption algorithm it provides both integrity and confidentiality. We expect to see it more widely adopted in the near future. If you`re interested in testing AES with GCM or have any question or comments please let us know.
GCM (Wikipedia): http://en.wikipedia.org/wiki/Galois/Counter_Mode
A short time ago, we announced the unveiling of the online Embedded Software Store by ARM and Avnet (previous post). Since that time, there has been some feedback on the site itself and many bugs and errors have been fixed.
We wanted to point our readers to the wolfSSL product page on the Embedded Software Store, now that it has been updated. Do you have any feedback on the store itself or on the wolfSSL product page? Do you like the idea of having an online store for your embedded software needs?
wolfSSL Product Page (Embedded Software Store):
We look forward to hearing your thoughts at email@example.com.
Version 2.0.2 of the wolfSSL embedded SSL/TLS library has been released and is now available for download! The first final release of wolfSSL 2.0 after three release candidates provides users and customers with additional bug fixes and feature enhancements. Specifically, version 2.0.2 adds:
– Bug fixes
– CTaoCrypt Runtime library detection settings when directly using the crypto library
– Default certificate generation now uses SHAwRSA and adds SHA256wRSA generation
– All test certificates now use 2048-bit and SHA-1 for better modern browser support
– Direct AES block access and AES-CTR (counter) mode
– Microchip pic32 support
To download the open source, GPLv2-licensed version of wolfSSL 2.0.2, please visit our Download Page. If you have any questions or comments or would like more information on commercial versions of wolfSSL, please contact us at firstname.lastname@example.org.
For build instructions, a full feature list, API reference, and more, please see the wolfSSL Manual.
- June 2020 (4)
- May 2020 (17)
- April 2020 (17)
- March 2020 (7)
- February 2020 (24)
- January 2020 (18)
- December 2019 (9)
- November 2019 (16)
- October 2019 (14)
- September 2019 (24)
- August 2019 (21)
- July 2019 (8)
- June 2019 (13)
- May 2019 (35)
- April 2019 (32)
- March 2019 (20)
- February 2019 (10)
- January 2019 (16)
- December 2018 (24)
- November 2018 (11)
- October 2018 (18)
- September 2018 (18)
- August 2018 (8)
- July 2018 (15)
- June 2018 (29)
- May 2018 (15)
- April 2018 (11)
- March 2018 (19)
- February 2018 (6)
- January 2018 (11)
- December 2017 (5)
- November 2017 (12)
- October 2017 (7)
- September 2017 (8)
- August 2017 (6)
- July 2017 (11)
- June 2017 (8)
- May 2017 (10)
- April 2017 (5)
- March 2017 (7)
- February 2017 (1)
- January 2017 (8)
- December 2016 (3)
- November 2016 (2)
- October 2016 (18)
- September 2016 (8)
- August 2016 (5)
- July 2016 (4)
- June 2016 (11)
- May 2016 (4)
- April 2016 (5)
- March 2016 (4)
- February 2016 (12)
- January 2016 (6)
- December 2015 (4)
- November 2015 (6)
- October 2015 (6)
- September 2015 (5)
- August 2015 (8)
- July 2015 (7)
- June 2015 (9)
- May 2015 (1)
- April 2015 (4)
- March 2015 (13)
- January 2015 (6)
- December 2014 (7)
- November 2014 (3)
- October 2014 (2)
- September 2014 (11)
- August 2014 (6)
- July 2014 (9)
- June 2014 (11)
- May 2014 (11)
- April 2014 (9)
- March 2014 (3)
- February 2014 (3)
- January 2014 (5)
- December 2013 (9)
- November 2013 (4)
- October 2013 (7)
- September 2013 (3)
- August 2013 (9)
- July 2013 (7)
- June 2013 (4)
- May 2013 (8)
- April 2013 (4)
- March 2013 (2)
- February 2013 (3)
- January 2013 (9)
- December 2012 (13)
- November 2012 (5)
- October 2012 (7)
- September 2012 (4)
- August 2012 (6)
- July 2012 (4)
- June 2012 (3)
- May 2012 (6)
- April 2012 (7)
- March 2012 (2)
- February 2012 (5)
- January 2012 (7)
- December 2011 (5)
- November 2011 (7)
- October 2011 (6)
- September 2011 (6)
- August 2011 (5)
- July 2011 (2)
- June 2011 (8)
- May 2011 (12)
- April 2011 (4)
- March 2011 (12)
- February 2011 (9)
- January 2011 (13)
- December 2010 (17)
- November 2010 (12)
- October 2010 (14)
- September 2010 (11)
- August 2010 (20)
- July 2010 (14)
- June 2010 (7)
- May 2010 (1)
- January 2010 (2)
- November 2009 (2)
- October 2009 (1)
- September 2009 (1)
- May 2009 (1)
- February 2009 (1)
- January 2009 (1)
- December 2008 (1)