As stated in the TLS 1.1 and 1.2 protocol definitions (RFC 4346, RFC 5246), “The primary goal of the TLS protocol is to provide privacy and data integrity between two communicating applications.” TLS 1.2 is an improvement to the TLS 1.1 standard, but how exactly do they differ? What was changed in TLS 1.2 to […]
Read MoreMore TagCategory: Uncategorized
Differences between SSL and TLS Protocol Versions (#TLS13)
Have you heard talk about SSL 3.0, TLS 1.0, TLS 1.1, TLS 1.2, and TLS 1.3 but never really knew the differences between the different versions? Secure Socket Layer (SSL) and Transport Security Layer (TLS) are both cryptographic protocols which provide secure communication over networks. These different versions are all in widespread use today in […]
Read MoreMore TagTLS 1.3 Draft 28 Support in wolfSSL (#TLS13)
As you may have noticed, we released version 3.15.0 of wolfSSL. One of the features in this release was TLS 1.3 Draft 28 support! Draft 28 is the latest version of the TLS 1.3 specification, and can be enabled in wolfSSL at configure time by using the “–enable-tls13” build option: –enable-tls13 Enable wolfSSL TLS v1.3 (default: […]
Read MoreMore TagwolfSSL and ROHNP
wolfSSL is one of over a dozen vendors mentioned in the recent Technical Advisory “ROHNP” by author Ryan Keegan. Versions of wolfSSL prior to 3.15.3 were vulnerable to a Key Extraction Side Channel Attack. wolfSSL v3.15.3 which is protected against these attacks and has other improvements is available for download now on our website. Only […]
Read MoreMore TagwolfCrypt v4.0 FIPS with AES-NI
wolfSSL will be releasing wolfCrypt v4.0 FIPS with an expanded security boundary. We have added many algorithms to the boundary. We have also tested the code using AES-NI with Linux and Windows 10. Intel added a set of instructions for accelerating AES processing including performing AES-GCM’s GHASH. Also available are accelerations to SHA-1, SHA-2, and […]
Read MoreMore TagwolfCrypt v4.0 FIPS with Key Generation and RDSEED
wolfSSL will be releasing wolfCrypt v4.0 FIPS with an expanded security boundary. We have added many algorithms to the boundary, including Key Generation. wolfCrypt v4.0 FIPS can generate keys for use with RSA and ECDSA signing. It can also do the perform the ECDHE and DHE key agreement schemes. We have also self-affirmed wolfCrypt for […]
Read MoreMore TagSCP with wolfSSH
We have been hard at work adding server support for SCP to wolfSSH and it will be available in the next release of wolfSSH, version 1.3.0. If you have an embedded device and want to securely upload a new firmware image to it or download a log file with the convenience of a copy command, […]
Read MoreMore TagwolfSSL Release 3.15.0
wolfSSL is proud to announce release v3.15.0 of our wolfSSL embedded TLS library. Among the many additions are: Support for wolfCrypt FIPS on SGX Support for TLS 1.3 Draft versions Single Precision assembly code added for ARM and 64-bit ARM to enhance performance Improved performance for Single Precision maths on 32-bit Expanded OpenSSL compatibility layer […]
Read MoreMore TagwolfSSL Intel SGX (#SGX) + FIPS 140-2 (#FIPS140)!
wolfSSL is pleased to announce the following addition to the wolfSSL FIPS certificate! Debian 8.7.0 Intel ® Xeon® E3 Family with SGX support Intel®x64 Server System R1304SP Windows 10 Pro Intel ® Core TM i5 with SGX support Dell LatitudeTM 7480 The wolfCrypt FIPS validated cryptographic module has been validated while running inside an Intel […]
Read MoreMore TagPerformance Comparison: TLS 1.3 in wolfSSL and OpenSSL
The performance of TLS 1.3 using wolfSSL has recently been discussed here in the blogs. While checking our performance a comparison was made with OpenSSL. An OpenSSL server using the latest TLS 1.3 implementation at the time was used with the wolfSSL client. The numbers showed that the recent Intel x86 64-bit assembly optimizations have […]
Read MoreMore Tag