Category: Uncategorized

What is CT (Certificate Transparency)?  Certificate Transparency is from RFC 6962 and is an extension on certificates to create a Merkle Tree (hash tree like with blockchain). The purpose of the tree is to help spot misuses of certificates and to provide a public way to audit the log of certificates issued. It was first […]

Read MoreMore Tag

If you pop over to the OpenWrt project site, you’ll stumble upon some excellent news: “TLS support is now provided by default in OpenWrt images including the trusted CA certificates from Mozilla. It means that wget and opkg now support fetching resources over HTTPS out-of-the-box. The opkg download server is accessed through HTTPS by default. […]

Read MoreMore Tag

The acronym CAAM stands for Cryptographic Accelerator and Assurance Module. It is hardware that can be found on many i.MX NXP devices. When used it speeds up the cryptographic algorithms such as ECC and AES. In addition to the performance gained with using the CAAM for cryptographic operations, the application can also increase security by […]

Read MoreMore Tag

The embedded systems community has long sought a top quality, super flexible, made-with-love IDPS. Today, wolfSSL answers the call, with our first preview release of wolfSentry, the IDPS (Intrusion Detection and Prevention System) for embedded and IoT systems. Included in this preview are Support for Linux, BSD, MacOS X, and Deos, on 32 and 64 […]

Read MoreMore Tag

Author: Daniel Stenberg (cross posted from daniel.haxx.se) Friends of mine know that I’ve tried for a long time to get confirmation that curl is used in space. We’ve believed it to be likely but I’ve wanted to get a clear confirmation that this is indeed the fact. Today GitHub posted their article about open source […]

Read MoreMore Tag

With our new release of wolfSentry people might wonder how it compares to Suricata. Suricata is an open source IDS / IPS / NSM engine. While it seems that Suricata is in rivalry with wolfSentry, our embedded IDPS; they actually have a synergy, it would make sense for sophisticated users to deploy both of them. […]

Read MoreMore Tag

Secure boot and remote updates are becoming a mandatory requirement in the market of IoT connected and secured embedded systems. wolfSSL offers multiple solutions to update your remote embedded systems connected to the Internet. The core component that authenticates the firmware and regulates the installation of a new version is wolfBoot, the secure bootloader for […]

Read MoreMore Tag

As some may be aware, wolfSSL added support for strongSwan in April of 2019. The upstream commit can be reviewed here: https://github.com/strongswan/strongswan/pull/133 Users can test the latest development master of wolfSSL with the latest version of strongSwan using the following setup: wolfSSL Build and Installation Steps $ git clone https://github.com/wolfSSL/wolfssl.git $ cd wolfssl $ ./autogen.sh […]

Read MoreMore Tag

wolfSSL is implementing MIKEY-SAKKE! MIKEY-SAKKE is a standard created by the UK government’s National Cyber Security Center (NCSC). MIKEY-SAKKE is a standard designed to enable secure, cross-platform multimedia communications. It is highly scalable, requiring no prior setup between users or distribution of user certificates. It is designed to be centrally-managed, giving a domain manager full […]

Read MoreMore Tag

FIPS 140-2 requires the use of validated cryptography in the security systems implemented by federal agencies to protect sensitive information. The wolfCrypt Module is a comprehensive suite of FIPS Approved algorithms. All key sizes and modes have been implemented to allow flexibility and efficiency. The National Institute of Standards and Technology (NIST) is sending FIPS […]

Read MoreMore Tag