Category: Uncategorized

Hello Kinetis users!   Our team has now ported and released wolfSSL lightweight SSL for Freescale Kinetis.  The newest work is for MQX/RTCS/MFS on Kinetis tower systems.  Check our Github repository for the most recent source code: https://github.com/cyassl/cyassl If you are a Kinetis user, you will also be pleased to know that we support FreeRTOS, […]

Read MoreMore Tag

Have you been searching for a web server that runs on SafeRTOS? We recently ported the yaSSL Embedded Web Server and wolfSSL embedded SSL library to the SafeRTOS operating system. This means that you can easily serve up HTTPS content from your SafeRTOS-enabled project. The yaSSL Embedded Web Server offers a very small footprint, with […]

Read MoreMore Tag

Here`s a good article if you`re wondering how SHA-3 will be used:  http://community.embeddedswstore.com/t5/Embedded-Connection/Why-Does-Embedded-Security-Get-Overlooked/ba-p/286 From the article: “What then will SHA-3 be good for? While Polk says it may take years to identify all the possibilities for Keccak, it immediately provides an essential insurance policy in case SHA-2 is ever broken. He also speculates that the […]

Read MoreMore Tag

Researchers from two German universities have found that a large number of Android applications available today in the Google Play store have vulnerabilities related to SSL usage which may open the door for malicious man-in-the-middle attacks. You can find several blog posts explaining the vulnerabilities including one from Network World and the H Online. The […]

Read MoreMore Tag

On October 12, NIST announced Keccak as the winner of its Secure Hash Algorithm (SHA-3) competition. Keccak is designed to permute the data in a different manner than MD5, SHA-1, and SHA-2, making it immune to many of the attacks on those hashes. It promises roughly 13 cycles per byte to process the hash. The […]

Read MoreMore Tag

Do you currently use the Yocto Project or OpenEmbedded? We would like to announce the availability of the “meta-yassl” layer for both Yocto and OpenEmbedded. This layer adds support for the lightweight wolfSSL embedded SSL library to these projects and can be easily added to your existing Yocto or OpenEmbedded setup. The layer can be […]

Read MoreMore Tag

yaSSL and Intel have jointly published a white paper describing how Intel’s AES-NI can be used with the wolfSSL embedded SSL library. This paper provides a brief overview of the Intel AES-NI instructions and demonstrates the performance gains realized when Intel AES-NI is used in place of a more traditional software-only based AES implementation. The […]

Read MoreMore Tag

You may have noticed that with our most recent release of the wolfSSL embedded SSL library (2.3.0), we have made our example client and server applications more flexible and easier to use. These updated applications – client (./examples/client/client) and server (./examples/server/server) – now offer a variety of command line options to adjust things ranging from […]

Read MoreMore Tag

The CRIME attack has been in the news recently, and some of our users have been asking about it.  The short version of responding to the attack is simple:  disable TLS compression.  In wolfSSL, compression is disabled by default.  The Tor project has posted an excellent explanation of the attack in their blog.  For more […]

Read MoreMore Tag

Hi!  To our users concerned about the following security advisory:  http://www.securelist.com/en/advisories/50605 (as of 26 March 2018 at 9:28am MDT, this link no longer works and has no alternative), it is a vulnerability related specifically to SSL 3.0 and TLS 1.0.  When using CyaSSL, you can avoid this vulnerability using one of several methods, including: 1. Using […]

Read MoreMore Tag