This week we are tackling the question: what is the difference between FIPS 140-2 and FIPS 140-3? wolfSSL is currently the leader in embedded FIPS certificates and we always want to keep our users up to the date on the latest standards! With various specification updates, the newest standard of FIPS 140-3 will include the […]
Read MoreMore TagCategory: Uncategorized
Upgrading to Measured Boot using wolfBoot
At wolfSSL, we work together with our customers to enhance embedded security. This includes providing an embedded MCU TPM, MCU secure boot, and similar security options. Today, there is a de-facto standard for IoT security and that is the use of Secure Boot. However, Secure Boot provides us with only a single check over our […]
Read MoreMore TagBrief comparison of the existing TPM2.0 libraries
This is a comparison of key features in the available open-source stacks for using Trusted Platform Modules(TPM). TPMs are the most widely available TPM in modern computer systems and it is increasingly seeing adoption for IoT devices and various Embedded Systems. The communication between the TPM and the MCU happens using I2C or SPI bus. […]
Read MoreMore TagHow is wolfTPM better than the existing TPM stacks and why is it easier?
1. wolfTPM can run on resource constrained MCU, Embedded Systems and devices (IoT, Edge) 2. wolfTPM can be used in Trusted Execution Environments(TEE) and ARM TrustZone 3. wolfTPM does not have external dependencies 4. wolfTPM is the only open-source TPM2.0 stack that can be used in bare metal firmware 4.1 For industrial products using superloop […]
Read MoreMore TagwolfCrypt on CMVP Implementation Under Test List
wolfCrypt has been listed on the CMVP IUT List for FIPS 140-3! We are currently working with our testing lab to get validated as quickly as possible with the new FIPS standard from the NIST. Among the changes for FIPS 140-3 are conditional algorithm self-tests, where the algorithm self-tests are only performed if used. The […]
Read MoreMore TagAvionics Systems in Need of New Cybersecurity Testing
The U.S. Government Accountability Office (GAO) has pushed for further guidelines and regulations to ensure security in Avionics Systems. The report indicates potential cyber risks such as data spoofing, outdated systems, long update cycles, and software vulnerabilities. Researches have also highlighted the vulnerabilities to in-flight connectivity systems including the usage of cheap equipment to eavesdrop […]
Read MoreMore TagSecure wolfMQTT SN with wolfSSL DTLS
The sensor network sub-specification of MQTT does not designate a method for securing the communication between the clients and the gateway. We here at wolfSSL think that is unacceptable! Using the DTLS library of wolfSSL, we would like to protect the sensor data all the way from the client to the gateway, and then from […]
Read MoreMore TagcURL TPM/HSM Integration
Dear Internet, Would you love to have cURL integrated into your TPM/HSM for enhanced security? Tell us what makes sense! If you have any questions or run into any issues, contact us at facts@wolfssl.com, or call us at +1 425 245 8247. Your’s truly, wolfSSL
Read MoreMore TagUsing wolfSSL with .NET Core
.NET Core is a .NET implementation that is preferred in situations where cross platform portability is important. Including use in containers and running on environments such as macOS and Linux. wolfSSL has a C# wrapper written for the .NET framework that is fully capable of performing TLS/DTLS connections while using the optimized C code with hardware […]
Read MoreMore TagWhat’s New in FIPS 140-3?
There are a few significant changes coming with FIPS 140-3. Over the years with many specification updates, a few things got a little inconsistent, so these inconsistencies have been brought back in line. wolfSSL is prepared to deliver the first and best implementation of FIPS 140-3, so get ready: The power-on self-test is changing. It […]
Read MoreMore Tag