Category: Uncategorized

Hello wolfSSL stakeholders!  2015 was another fantastic year of progress for wolfSSL, and as we strive to provide transparency for our customers, users, employees, and open source community, we are again reporting on our progress for the year.  It was a good year!  We accomplished a lot in building towards our goals.   Our goals […]

Read MoreMore Tag

OpenSSL recently released patches for two vulnerabilities [1] – one related to how OpenSSL generates Diffie-Hellman prime values and the other that potentially allowed a malicious client to negotiate old SSLv2 ciphers that had been disabled on the server.  Since both of these are OpenSSL implementation vulnerabilities, wolfSSL users are SAFE. For reference, the two […]

Read MoreMore Tag

New in wolfSSL v3.8.0 we have added support for NXP’s LPCExpresso IDE and a reference project using the LPC18S37 on the OM13076 (LPCXpresso18S37) board. The reference project and README.md are located in the repository at: /IDE/LPCXPRESSO Please contact us at facts@wolfssl.com or support@wolfssl.com with any questions about using the wolfSSL embedded SSL/TLS library with LPCExpresso.

Read MoreMore Tag

We have recently updated our ChaCha20-Poly1305 cipher suites. The ChaCha20-Poly1305 AEAD cipher suites are performant and use low amounts of memory, making it a good fit for IoT devices. This recent update allows for interoperability with the current OpenSSL, GnuTLS, and BoringSSL libraries when using ChaCha20-Poly1305 in a TLS connection and continues interoperability with libraries […]

Read MoreMore Tag

1.  You want more robust security. 2.  You want to avoid the steady stream of security updates required by using OpenSSL. 3.  You are paranoid, and want to use quantum safe crypto. 4.  You are performance driven, and want to leverage the latest hardware crypto, or tune in progressive ciphers. 5.  You want direct support for the crypto […]

Read MoreMore Tag

A new year, another attack on TLS.  Karthikeyan Bhargavan and Gaetan Leurent of INRIA recently announced the new attack.  TLS 1.2 allows negotiation of the hashing algorithm used for signatures, typically to “upgrade” the hash to a higher security level.  Before TLS 1.2 a combination of MD5 and SHA1 were used for signatures. TLS 1.2 […]

Read MoreMore Tag

Everybody with a pulse is excited about the IoT, for all of the right reasons, but the market is starting to recognize the challenges of security. See the following EE Times article by John Curran of Accenture for a description of the security challenges of IoT: https://www.eetimes.com/author.asp?section_id=36&doc_id=1328584. Fortunately, wolfSSL is here to help secure your […]

Read MoreMore Tag

Securing connected devices, including the IoT, is very important to us at wolfSSL. Larry Stefonic, CEO and Co-Founder of wolfSSL, recently published a guest post on the Xively blog that talks about the fundamentals of device security. This post includes commentary on securing the connection, device authentication, secure firmware updates, and securing the data on […]

Read MoreMore Tag

Curious about new features and additions to wolfSSL technologies for the coming year? Some items on our current roadmap include: – Early TLS 1.3 adoption – Non-blocking Crypto support – DTLS robustness improvements – Curve25519 / Ed25519 integration at the TLS level – Increased IoT platforms – More resource reduction options In terms of new […]

Read MoreMore Tag

wolfSSL has a port to devkitPro, giving an option to game developers to secure information with the embedded, lightweight, wolfSSL TLS/SSL library. The low memory footprint size of wolfSSL allows for efficient use of security while leaving plenty of room for the game itself. The low memory size of wolfSSL is something that has been […]

Read MoreMore Tag