Hi! We’ve been telegraphing our plans to drop support for SSL 3.0 for the last year. With the emergence of the POODLE breach, we’ve decided to accelerate our plan. Over the coming weeks and months, we’ll be doing the following: 1. Disabling SSL 3.0 by default at runtime. 2. Disabling our SSL 3.0 code by […]
POODLE (An SSL 3.0 Vulnerability)
SSL, the predecessor to TLS, reached version 3.0 before changing names to TLS. TLS versions currently defined include TLS 1.0, 1.1, and 1.2, with the 1.3 specification still being worked out. The “Padding Oracle On Downgraded Legacy Encryption” (POODLE) bug was disclosed on October 14th, 2014 and allows an attacker to read information encrypted with SSL […]
Beta Testing curve25519
The curve25519 implementation has reached the point where it is going through a testing cycle. We are looking for interested beta testers and cryptography enthusiasts who wish to test out just how fast it can be. If you are interested in getting the source code for the curve25519 implementation, contact us at facts@wolfssl.com.
Secure Renegotiation Support Coming Soon to wolfSSL
Secure Renegotiation will allow for a server to differentiate between an initial connection and a renegotiation, protecting against “man-in-the-middle” attacks during renegotiations. “Secure Socket Layer (SSL) and Transport Layer Security (TLS) renegotiation are vulnerable to an attack in which the attacker forms a TLS connection with the target server, injects content of his choice, and […]
wolfSSL Now Provides a Beta SCEP Implementation
Simple Certificate Enrollment Protocol, better known as SCEP, is a way to simplify certificate handling for everyday users. This Public Key Infrastructure communication protocol is designed to enable certificate management and certificate/CRL queries within a closed network. According to the Internet Engineering Task Force, SCEP uses PKCS#7 and PKCS#1 over HTTP and supports CA and […]
Benchmarks of curve25519
Preliminary benchmarks on the upcoming curve25519 implementation show why it is listed as being a speed record breaker. On average, a TLS connection using curve25519 with RSA signature, 128-bit AES and SHA is approximately 15 percent faster than when using NIST curves with the same suite. When using the recently released ChaCha20-Poly1305 suite and […]
wolfSSL 3.2.0 Released
CyaSSL version 3.2.0 has been released and is now available for download from the wolfSSL website. This release includes bug fixes and several new features which we think will be beneficial to our user and customer base. Fixes and features include:
– ChaCha20 and Poly1305 crypto and suites
– Small stack improvements for OCSP, CRL, TLS, […]
Backoff and BlackPOS Malware Breach Retailers Point of Sale Systems
Retailers worldwide have been scrambling to maintain secure POS (point of sale) systems after the latest security breaches at corporations such as UPS, Target and, most recently, Home Depot. Larger corporations should not be the only ones concerned. According to the RSA Conference blog post, “Understanding PoS Malware Infecting Retailers,” the malware involved is simple to […]
The Importance of Open Source in Securing the Internet of Things
Open Source plays an important role in securing the Internet of Things. As more embedded products become available and security updates are required, devices will reach end-of-life, no longer supported by their creators, but will still remain in use. In the case of an open source project, developers within the open source community can contribute […]
Spritz, a drop-in replacement for RC4
Recently, at the CRYPTO 2014 conference rump sessions, several interesting papers were presented. Ron Rivest presented a paper he and Jacob C. N. Schuldt wrote on finding an improved replacement for the RC4 stream cipher, which they named Spritz. Their goal was to find a drop-in replacement for RC4 that wasn’t susceptible to the known […]
