wolfBoot release: v.2.5.0

We are pleased to announce the release of wolfBoot 2.5.0, the newest version of our universal secure bootloader. This release marks another milestone in the continued evolution of wolfBoot, reinforcing its relevance as a cutting-edge secure boot solution for embedded systems. WolfBoot 2.5.0 brings expanded hardware support, major new features, and a host of improvements to performance and security, all while maintaining the simplicity and robustness our users expect.

New hardware targets and platform enhancements

wolfBoot 2.5.0 expands its hardware compatibility, adding support for several new platforms and improving existing targets. Notable additions and enhancements include:

  • New target support: wolfBoot now supports the Raspberry Pi RP2350 microcontroller, NXP’s MCX family (including the MCXA153 and MCXW716 series), and the STMicroelectronics STM32F1 series. These additions extend wolfBoot’s reach from the latest Pi Pico 2 board to NXP’s advanced Cortex-M33 based MCUs and even legacy STM32F1 devices (like the popular “blue-pill” board), demonstrating once again our team’s commitment to maximize device coverage.
  • Enhanced support: Existing platform ports have been refined for better stability and performance, notably for the Xilinx UltraScale+ MPSoC (ZynqMP), Renesas RX family, and Infineon AURIX TriCore TC3xx microcontrollers. Developers using ZynqMP devices will benefit from smoother integration (e.g. improved standalone boot support and exception level handling), while updates to the Renesas RX and AURIX TC3xx ports include more efficient flash management and boot-time reliability improvements. These platform enhancements make it easier and more efficient to deploy wolfBoot on a wider range of hardware.

Major new features and enhancements

Version 2.5.0 introduces several important features aimed at both simplifying the developer experience and strengthening security:

  • Non-contiguous ELF section support: wolfBoot can now load and verify firmware images with non-contiguous (scattered) ELF sections. In practical terms, this means the bootloader handles images that are split across multiple memory regions, accommodating complex memory maps and multi-part firmware layouts. This feature adds flexibility for projects that utilize segmented flash or RAM areas for their application code and data.
  • Streamlined PQC integration: Post-Quantum Cryptography support in wolfBoot has been simplified and updated. WolfBoot 2.5.0 includes the latest PQC algorithm support from wolfCrypt (such as the recently standardized ML-DSA) and makes it easier to configure PQC-based signature verification. By refining the integration of PQC algorithms, we continue to help users prepare for a post-quantum future without sacrificing ease of use.
  • Static library build option: In addition to the traditional standalone bootloader binary, wolfBoot can now be built as a static library (libwolfboot.a). This gives developers the flexibility to integrate wolfBoot’s secure boot functionality directly into their applications or custom boot frameworks. The static-lib build simplifies certain use cases — for example, linking wolfBoot into a monolithic firmware image or using wolfBoot features in an RTOS environment — by allowing wolfBoot to be called like a library rather than a separate bootloader image.
  • Glitch attack mitigation (IAR toolchain): Security against hardware fault-injection attacks (glitches) has been further hardened in this release. We’ve extended our glitch mitigation techniques to better support the IAR Embedded Workbench toolchain, ensuring that builds compiled with IAR include additional countermeasures against timing and voltage glitch attacks. These low-level improvements make the secure boot process even more resilient to physical attack attempts, protecting the integrity of the firmware verification steps.

Build system and documentation improvements

wolfBoot 2.5.0 comes with numerous build system refinements and documentation updates to streamline development. We have refactored the CMake build system to improve cross-platform support and clarity, making it easier to compile wolfBoot for various targets and toolchains. This includes cleaner integration for IAR and other compilers, as well as a more organized project structure for out-of-the-box builds. Additionally, our documentation has been improved across the board – from updated user manuals and API references to new examples and guides – to help both new and experienced users get the most out of wolfBoot. Whether you’re configuring a multi-slot update scheme or integrating wolfBoot with a TPM, the clearer documentation will guide you through the process more smoothly. (As always, detailed change logs and usage instructions can be found in the README and docs accompanying the release.)

Bug fixes and updated modules

As with every release, wolfBoot 2.5.0 includes key bug fixes that enhance stability and reliability. Various minor issues identified in the previous version have been addressed, resulting in a more robust bootloader across all supported platforms. In particular, fixes were applied to edge cases in flash memory handling and update workflows to ensure consistent behavior in all update scenarios.

Moreover, the cryptographic and secure hardware modules underlying wolfBoot have been updated to their latest versions. wolfBoot 2.5.0 is powered by wolfSSL 5.8.0 – bringing in the newest optimizations and post-quantum enhancements from the wolfCrypt engine – and it can integrate with wolfTPM 3.9.0 for TPM-based secure boot use cases. By using the latest wolfSSL v5.8.0 and wolfTPM v3.9.0 releases, wolfBoot ensures compatibility with the most up-to-date security features and fixes from those libraries. This means developers get improved performance, up-to-date cryptographic algorithms, and continued FIPS 140-3 readiness through wolfCrypt.

wolfBoot’s security is, as always, built on wolfCrypt, which allows the boot process to leverage FIPS-certified crypto and even meet safety standards like DO-178C when required. Upgrading to wolfBoot 2.5.0 brings all these benefits into your secure boot process.

Getting wolfBoot 2.5.0 and support

wolfBoot 2.5.0 is available for download now, and we encourage everyone to try out the new features and improvements. You can find the source code and release package on our GitHub repository and the wolfSSL download page. Documentation for this release, including an updated user manual and examples, is available on our website to help you get started quickly.

If you have any questions about wolfBoot 2.5.0 or need help with integration, please contact us at facts@wolfSSL.com or call us at +1 425 245 8247. The wolfSSL team offers commercial support and consulting services for those who require dedicated assistance or custom features. Whether you are upgrading an existing project or designing a new device with wolfBoot, our team is here to ensure your secure boot implementation is successful.

Download wolfSSL Now

wolfBoot Now Supports NXP’s New MCX A and MCX W Microcontrollers

wolfSSL is excited to announce that wolfBoot, our secure bootloader, now supports NXP’s MCX A and MCX W microcontroller families. This means developers can bring wolfBoot’s robust secure boot and firmware update capabilities to NXP’s latest low-power and wireless-enabled chips. The MCX A and MCX W series are NXP’s next-generation Arm Cortex-M33 based MCUs, designed for edge and IoT applications. Some topics we will explore today include:

  • Secure boot and firmware authentication
  • MCX A and MCX W series support in wolfBoot
  • TrustZone-M support: supervising security
  • Quantum-resistant cryptography
  • Hybrid Dual-signature authentication

The MCX A series delivers a cost-effective, small-footprint MCU solution with autonomous, low-power peripherals for a wide range of industrial and IoT uses?.

The MCX W series, on the other hand, builds on that foundation by adding integrated wireless connectivity – a unified, pin-compatible platform supporting standards like Matter, Thread, Zigbee, and Bluetooth LE.?

Notably, the MCX W devices also incorporate NXP’s EdgeLock secure enclave technology, providing a built-in hardware security core (a hardware root-of-trust) for key storage and cryptography.?

These new MCUs combine efficient performance, ultra-low power operation, and advanced security features, making them an ideal match for wolfBoot’s secure boot capabilities.

With wolfBoot now running on MCX A and MCX W devices, manufacturers and developers using these chips can ensure that only authenticated, trusted firmware runs on their hardware. wolfBoot performs cryptographic signature verification of firmware at boot time, preventing unauthorized or malicious code from taking control of the device. This addition expands wolfBoot’s platform support and underscores our commitment to securing even the most resource-constrained embedded systems.

Coming soon, WolfSSL will further integrate wolfBoot with the TrustZone-M and hardware security features of the MCX family. In practical terms, this upcoming enhancement will allow wolfBoot to act as the TrustZone-M secure supervisor on these microcontrollers – running in the isolated secure world while the main application runs in the non-secure domain. By leveraging TrustZone, wolfBoot can maintain control over critical security resources: for example, cryptographic keys and operations can be confined to the secure domain. wolfBoot uses this isolation to implement a kind of lightweight hypervisor, meaning applications in the non-secure domain can invoke cryptographic functions without ever directly accessing the secret keys?.

This architecture greatly enhances security – even if an application or network-exposed code is compromised, the attacker cannot extract or misuse the most sensitive assets. Additionally, wolfBoot will make use of the MCX hardware root-of-trust capabilities (such as the EdgeLock secure enclave on the MCX W series) to anchor the boot process in silicon. This hardware-based trust anchor will let wolfBoot verify firmware authenticity using keys stored in tamper-resistant memory and even interface with secure key management services?.

The result is an extremely robust secure boot chain that takes full advantage of the MCX series’ built-in security features.

Another key advantage of wolfBoot on NXP MCX is its forward-looking cryptography, which is increasingly important for longevity in IoT products. wolfBoot already supports several post-quantum cryptography (PQC) signature algorithms – the kinds of digital signatures designed to withstand attacks by quantum computers. This includes hash-based signature schemes like LMS (Leighton-Micali Signature) and XMSSML-DSA, the newly standardized module-lattice-based signature algorithm (derived from the CRYSTALS-Dilithium PQC scheme)?.

These algorithms are quantum-resistant, meaning that unlike RSA or ECC, they are not known to be breakable by quantum computing. This is a critical consideration for future-proofing devices: experts warn that a sufficiently powerful quantum computer could one day defeat classical cryptography by solving the mathematical problems underpinning RSA/ECC much faster than a classical computer?.

By adopting PQC signatures, wolfBoot ensures that devices can remain secure even in a post-quantum future where older algorithms might be vulnerable.

What’s more, wolfBoot supports a hybrid dual-signature approach to firmware authentication.

In hybrid mode, each firmware image can be signed with both a traditional algorithm (e.g. ECDSA or RSA) and a post-quantum algorithm (like LMS or Dilithium). wolfBoot will verify both signatures, and it only boots the new firmware if both cryptographic checks pass. This dual-signing strategy provides defense-in-depth during the transition to PQC. Even if one of the signature algorithms were to be compromised (for instance, a future quantum breakthrough against ECC, or an unforeseen weakness in a new PQC scheme), the second signature still stands as a guardrail. Hybrid signatures also help with adoption: they allow new devices to be compatible with existing classical cryptography infrastructure while gradually introducing PQC, offering a graceful migration path?. wolfBoot’s support for hybrid authentication means developers don’t have to choose between today’s standards and tomorrow’s security – they can have both, ensuring firmware updates are secure against both conventional and quantum threats.

By extending wolfBoot to the NXP MCX A and MCX W families, WolfSSL is empowering developers to build the next generation of connected devices with strong confidence in their boot security. These MCUs are built to drive innovation in smart home gadgets, industrial sensors, wearables, and more – and with wolfBoot, each of those devices can boot up safely, verify its software integrity, and even perform field updates securely with minimal overhead. The combination of NXP’s silicon (with its low-power efficiency, wireless connectivity, and built-in security) and wolfBoot’s advanced secure boot features (from TrustZone supervision to post-quantum signatures) offers a powerful platform for long-term, resilient IoT deployments. As support for TrustZone-M and hardware root-of-trust on MCX devices rolls out, wolfBoot will fully harness the security architecture of these chips – essentially acting as a guardian in the secure world that oversees and protects the entire system from reset to runtime. With optional post-quantum and hybrid signature verification, wolfBoot on MCX is not only securing today’s devices but also future-proofing them for the cryptographic challenges of the years ahead.

WolfSSL’s focus remains on providing easy-to-use, strong security solutions for embedded developers. If you are developing on NXP’s MCX microcontrollers or are interested in bolstering your device’s boot security (with features like TrustZone isolation or quantum-resistant crypto), now is a great time to explore wolfBoot. Feel free to reach out to us at facts@wolfSSL.com to learn more, get sample projects for MCX A/W, or discuss how wolfBoot can help secure your next project. We’re excited to see what innovations the community will build on these new NXP platforms – and even more excited that wolfBoot will be there to keep those devices secure from the moment they power on.

If you have questions about any of the above, please contact us at facts@wolfSSL.com or call us at +1 425 245 8247.

Download wolfSSL Now

µITRON Support in wolfBoot

We regularly receive inquiries regarding µITRON support in wolfSSL products—and understandably so.

As a specification for real-time operating systems (RTOS), ITRON has led to a wide variety of implementations. These include open-source projects such as TOPPERS/ASP, as well as commercial RTOS offerings like eT-Kernel (by eSOL), µC3 (by eForce), and NORTi (by MISPO), among many others. In addition, many companies have developed and deployed their own in-house RTOS implementations based on the µITRON specification.

As a result, although these systems are often described as “µITRON-compliant,” in practice they tend to include proprietary extensions or slight modifications. This has given rise to a diverse ecosystem of µITRON derivatives, each with its own unique features.

wolfSSL products are designed to support µITRON, including these many derivative implementations. This includes products such as wolfBoot, which typically require a higher degree of platform-specific integration. The high portability of wolfSSL—including wolfBoot—is the result of extensive experience supporting a broad range of RTOS and general-purpose operating systems, along with carefully localized platform-dependent code.

With commercial-grade technical support backed by wolfSSL’s proven portability technology, customers can confidently integrate wolfSSL products into their µITRON-based systems—regardless of the variant—ensuring robust, secure, and reliable operation.

If you have questions about any of the above, please contact us at facts@wolfSSL.com or call us at +1 425 245 8247.

Download wolfSSL Now

Secure Boot Support for Nordic nRF5340: Firmware Update for Dual-Core Systems

We’re thrilled to announce that wolfBoot now supports the powerful Nordic nRF5340 dual-core SoC, bringing enterprise-grade security to your IoT applications. This cutting-edge microcontroller combines robust security features with high performance, making it an ideal choice for modern IoT deployments.

Key Features

  • Dual-Core Architecture
    • Application Core:
      • Cortex-M33 at 128MHz with TrustZone
      • 1MB Flash and 512KB RAM
    • Network Core:
      • Cortex-M33 at 64MHz
      • 256KB Flash and 64KB RAM
  • wolfBoot Signature Options
    • RSA (2048/3072/4096)
    • ECC (256/384/521)
    • ED25519/ED448
    • PQC: ML-DSA/LMS/XMSS
    • Hybrid PQC schemes
  • Hardware based root of trust

Implementation Details

Our reference implementation uses the Nordic nRF5340-DK development kit with external QSPI flash for secure update storage. We’ve also enabled delta (differential) updates to optimize bandwidth usage on constrained networks. Simply enable this feature with DELTA_UPDATES=1.

Communication Setup

The DK board features two virtual COM ports for debugging:

  • Application Core: UART0=P0.20
  • Network Core: UART0=P1.01

The application core manages network core updates through IPC and shared memory, ensuring seamless coordination between both cores.

Getting Started

For detailed build instructions and example output from an update, visit our documentation.

Important Notes

  • Network core updates must be signed with –id 2 and placed in the application core update partition
  • Coming soon: Hardware-based root of trust using the UICR key storage region

Testing Tools

We’ve provided helpful testing scripts in our GitHub repository. The build_flash.sh script automates the process of:

  • Creating internal and external flash images
  • Signing each with version 2
  • Placing updates in external flash
  • Triggering updates (equivalent to calling wolfBoot_update_trigger())

Support

For questions or assistance, please contact us at facts@wolfSSL.com or call us at +1 425 245 8247.

Download wolfSSL Now

Unlocking the Power of Secure Boot for AMD/Xilinx UltraScale+ MPSoC Systems

With the release of WolfBoot version v2.4.0, we have made significant improvements to our secure boot support for Xilinx UltraScale+ MPSoC systems. This major update brings several key enhancements that make it easier and more efficient to deploy wolfBoot on this target.

UltraScale+ enhancements in wolfBoot v2.4.0

To see the complete list of improvements see wolfBoot PR #499.

  1. Standalone build

    The latest release adds support for building without any dependencies from the Vitis/Xilinx SDK. This shift allows developers to bypass traditional SDK-based workflows, making it easier to integrate secure boot into their projects.

  2. Expanded Exception Level (EL) Support

    We now support all ARMv8-A exception levels, enhancing security, virtualization, and OS management:

    • Exception Level 3 (EL3) – Trusted Firmware
    • Exception Level 2 (EL2) – Hypervisor
    • Exception Level 1 (EL1) – Operating System
  3. Flattened Image Tree (FIT) Format

    We have also introduced support for the FIT format, which combines a Flattened Device Tree (FDT) with embedded binaries. FIT images are widely used in embedded Linux systems, providing a flexible and efficient way to package and deploy software.

  4. Enhanced QSPI Bare-Metal Driver

    The latest release includes significant improvements to the QSPI bare-metal driver, enhancing its capabilities for DMA and clock speed configuration. For example using DMA vs IO mode reduced the read of 154MB from 18,228ms to 2,607ms.

  5. ARMv8 Crypto Extensions

    wolfBoot now supports the wolfCrypt ARM crypto assembly speedups for SHA2 and SHA3, which greatly improves hashing performance on the integrity checking during boot.

  6. AMD/Xilinx UltraScale+ MPSoC (ZCU102) Features

    The AMD/Xilinx Zynq UltraScale+ MPSoC ZCU102 is a powerful evaluation board that provides a platform for system designers to develop and prototype applications:

    • Processing System (PS):
      • Quad-core ARM Cortex-A53 (Application Processing Unit – APU)
      • Dual-core ARM Cortex-R5 (Real-time Processing Unit – RPU)
      • ARM Mali-400 MP2 GPU for graphics acceleration
    • Programmable Logic (PL):
      • Integrated UltraScale+ FPGA fabric for custom hardware acceleration
      • Supports Partial Reconfiguration (PR)
      • High-performance DSP slices for signal processing applications
    • Configuration Security Unit (CSU):
      • The CSU is responsible for secure boot and system configuration.
      • It ensures secure key storage, authentication, and decryption for secure boot processes.
      • Supports Root of Trust (RoT) for secure application execution.
      • Manages bit-stream authentication and encryption for FPGA security.
    • Platform Management Unit (PMU):
      • The PMU is a triple-redundant MicroBlaze processor system, ensuring high reliability and fault tolerance.
      • Handles power sequencing, system monitoring, and fault detection.
      • Manages dynamic power and thermal control, optimizing energy efficiency.
      • Provides error handling and recovery mechanisms for mission-critical applications.

    Note: The wolfBoot support for using the CSU and hardware based Root of Trust is in development now. You can follow the progress here.

    Getting Started

    To get started with wolfBoot on your Xilinx UltraScale+ MPSoC system, please refer to the official documentation docs/Targets.md.

    The Xilinx hardware uses a First Stage BootLoader (FSBL) and requires assembly of a BOOT.BIN image using bootgen and .bif file. Detailed instructions can be found in IDE/XilinxSDK.

    If you have questions about any of the above, please contact us at facts@wolfSSL.com or call us at +1 425 245 8247.

    Download wolfSSL Now

wolfBoot Support for NXP QorIQ Platforms

wolfBoot supports a wide range of NXP QorlQ platforms. In this post, we will highlight supported platforms, key features, and how wolfBoot ensures security and reliability for PowerPC-based embedded systems.

Why wolfBoot for NXP QorIQ?

wolfBoot is a highly suitable secure boot solution for modern embedded systems. wolfBoot is a U-Boot replacement to improve security. wolfBoot supports features like TPM, encrypted updates, external flash partitions, differential updates, and side channel hardening (armored mode). Production support, commercial grade product, safety critical certified DO178 and FIPS 140-3. Its lightweight design, independence from specific platforms, and ease of integration make it a one-stop solution for developers aiming to improve firmware security.

Key advantages:

  • Efficient and Lightweight: Perfect for resource-constrained environments.
  • Broad Compatibility: Supports PowerPC and Arm-based platforms.
  • Flexible Integration: Simplifies secure firmware updates and key management.

Supported NXP QorIQ PPC Platforms

LS1028A

  • Overview: ARMv8-A architecture with dual Cortex-A72 cores for industrial and networking applications.
  • Features: Integrated TSN (Time-Sensitive Networking), high-speed I/O, and robust peripheral support.
  • Tested Environment: LS1028ARDB Reference Board.

T1024

  • Overview: Dual-core 64-bit PowerPC processor based on the e5500 core, designed for embedded control and communication.
  • Features: Virtualization, encryption acceleration, and advanced networking capabilities.
  • Applications: Secure gateways, industrial automation, and telecom systems.
  • Tested Environment: T1024RDB with NOR flash using IFC.

T2080

  • Overview: High-performance quad-core 64-bit processor using the e6500 core with AltiVec technology for vector processing.
  • Features: Exceptional performance for data-intensive workloads and advanced signal processing.
  • Tested Environment: NAII 68PPC2 hardware.

P1021

  • Overview: A dual-core PPC e500v2 processor.
  • Features: Optimized for secure boot from NAND flash via eLBC (Enhanced Local Bus Controller).
  • Boot Details: Supports first-stage boot loader and execution of wolfBoot for secure firmware validation and application loading.
  • Applications: Ideal for industrial controllers and embedded systems requiring high reliability.
  • Tested Environment: P1021RDB with NAND boot source using eLBC

How wolfBoot Secures NXP QorIQ Systems

wolfBoot ensures safe and trusted execution of firmware with:

  • Secure Boot: Prevents unauthorized firmware from running.
  • Signed Updates: Employs ECC/RSA cryptography for firmware authenticity.
  • Customizable Configurations: Provides example setups for easier implementation across platforms.

Conclusion

Whether you’re working on NXP QorIQ PowerPC platforms or other architectures, wolfBoot is designed to deliver the best security and support. Its compatibility with wide ranges of different processors makes it essential for secure embedded systems development.

If you have questions about any of the above, please contact us at facts@wolfSSL.com or +1 425 245 8247.

Download wolfSSL Now

Announcing wolfHSM Integration with wolfBoot

We’re excited to announce that wolfBoot now supports integration with wolfHSM, bringing enhanced security features to our best-in-class secure bootloader solution on supported platforms. This enhancement positions wolfBoot as an even stronger tool for automotive and industrial applications with the highest security requirements.

What are wolfBoot and wolfHSM?

wolfBoot is our open-source, portable, OS-agnostic secure bootloader solution for 32-bit microcontrollers and beyond. It ensures that only authenticated firmware can run on your embedded device, providing a root of trust for your application..

wolfHSM is our generic Hardware Security Module (HSM) firmware framework, providing a unified API for secure cryptography, object storage, and key management on HSM coprocessors. wolfHSM enables applications to easily leverage a platform’s hardware-based root of trust and provides a streamlined abstraction for offloading all cryptography to the HSM coprocessor through the wolfCrypt API.

wolfHSM Integration with wolfBoot

By integrating wolfHSM with wolfBoot, we’ve enhanced the security capabilities of our already secure bootloader with the following features:

  1. Secure Key Storage: Cryptographic keys are now stored securely on the wolfHSM server, never accessible to wolfBoot or user applications.
  2. Remote Cryptographic Operations: All cryptographic operations are offloaded as remote procedure calls to the wolfHSM server. Hardware acceleration for cryptographic algorithms is included when supported by the platform.
  3. Flexible Key Management: Keys can be updated or rotated on the wolfHSM server without requiring a wolfBoot update.

Supported Platforms

Currently, wolfBoot supports using wolfHSM on the following platforms:

  • wolfBoot simulator (using wolfHSM POSIX TCP transport)
  • Infineon AURIX TC3xx (shared memory transport)

More platforms are in development. Don’t see your platform here? Reach out to us at facts@wolfSSL.com and we can discuss adding support!

Getting Started

To get started with wolfBoot + wolfHSM:

  • Check out the wolfHSM integration documentation for an overview of the configuration options and HAL requirements.
  • Consult your platform-specific wolfHSM documentation for instructions on configuring the wolfHSM server.
  • To test wolfHSM + wolfBoot using the simulator, simply follow the instructions here to build wolfBoot with wolfHSM support and run it against our example wolfHSM server.

Give it a try and let us know what you think!

If you have any questions about wolfBoot or wolfHSM, please reach out via email at facts@wolfSSL.com or call us at +1 425 245 8247 and we will be happy to assist you!

Download wolfSSL Now

wolfBoot release: v.2.3.0

wolfBoot 2.3.0 has finally been released! The universal secure bootloader extends its support to new platforms, improves existing ports, and introduces new groundbreaking features that set the pace to defining secure-boot for the next generation of embedded systems.

A New Era of Secure Boot with ML-DSA and Hybrid Authentication

The introduction of quantum resistant algorithms in the latest releases of wolfSSL has accelerated the integration of asymmetric cryptography in our secure boot solution. In 2023, wolfBoot v2.0.0 expanded its signature verification algorithms to include the hash-based stateful signatures LMS (+HSS) and XMSS (^MT). wolfBoot v2.3.0 further extends these options by introducing ML-DSA, as specified in FIPS-204, for verifying the authenticity of firmware and other critical components. Support for ML-DSA in wolfBoot is currently available in three variants: ML-DSA-44, ML-DSA-65 and ML-DSA-87, corresponding to NIST security category 2, 3 and 5, respectively.

Hybrid Authentication: Post-Quantum Meets Classic Cryptography

One of the most anticipated features in WolfBoot 2.3.0 is its support for hybrid authentication, a method that combines Post-Quantum Cryptography (PQC) algorithms with traditional cryptographic techniques like ECC and RSA. This hybrid approach strengthens security by combining the resilience of PQC, which resists quantum attacks, with the well-established reliability of classic algorithms. Pairing PQC algorithms with ECC521 offers a path toward CNSA 2.0 compliance, a set of guidelines for systems demanding the highest levels of security.

Hybrid authentication in WolfBoot secures the boot process by signing and validating boot images with a combination of PQC and traditional cryptography. This dual-layer protection approach ensures that even if one algorithm becomes vulnerable, the other remains resilient, offering a future-proof strategy for embedded systems as quantum computing capabilities grow.

Boot time optimization and performance monitoring

Thanks to the newly introduced assembly optimization for ARM in wolfCrypt, image verification times have been dramatically reduced. These ARM optimizations are now enabled by default on all Cortex-M devices.
New benchmark tools have been added to our continuous integration environment, to ensure that we can constantly monitor boot time, footprint size, runtime memory usage and other performance indicators.

Improved keystore and keyvault management

Starting with wolfBoot 2.3.0, it is now possible to store public keys of different sizes in the same trust anchor. This is a crucial feature to allow double signature verification in hybrid mode, or when integrating heterogeneous components in the boot chain, involving more than one cipher at a time.

PKCS11 key vault storage drivers have also been improved, and can now reliably store keys in non-volatile memories, ensuring compatibility with wolfPKCS11.

Hardware support

In this version, the following new targets have been added to the list of hardware platforms we support:

  • Infineon AURIX TriCore TC3xx
  • Microchip AT-SAMA5D3
  • Nordic nRF5340

Moreover, the support for some of the existing ports has been improved and stabilized. During the development of wolfBoot v. 2.3.0 we mostly worked on the following targets:

  • NXP i.MX-RT family: the capabilities have been extended, including the support for built-in High-Assurance Boot (HAB) mechanism, provided by the manufacturer. Flash interaction has improved, and DCACHE invalidation has been fine-tuned to increase performance
  • Renesas RX: improvements introduced for this family of microcontrollers include the introduction of a full-flash erase operation, a more efficient flash management and support for boot-time IRQ.
  • Raspberry Pi: added UART driver

Find out more about wolfBoot

Join our webinar “What’s new in wolfBoot” on November 21, 2024 to discover more details about wolfBoot 2.3.0 and our real-life scenarios for post-quantum cryptography adoption.

If you want to share your secure-boot experience with us or ask us anything on this topic, reach out via email at facts@wolfSSL.com or call us at +1 425 245 8247.

Download wolfSSL Now

wolfBoot: Secure Boot now with support for FIPS 204 ML-DSA post-quantum signature algorithm

NIST recently announced three new standards for post-quantum cryptography (FIPS 203-205), and among them was ML-DSA (FIPS 204, Module-Lattice Digital Signature Algorithm), a lattice-based algorithm derived from the round 3 finalist CRYSTALS-DILITHIUM. As a general purpose digital signature algorithm ML-DSA has attractive features, such as fast key generation, signing, and verifying, as well as a tunable security strength. ML-DSA also supports organizations migrating to CNSA 2.0.

Naturally the wolfSSL team found this quite interesting, and we eagerly set to work on ML-DSA support. We are pleased to announce we have added ML-DSA to wolfBoot, which is achieved by utilizing wolfCrypt’s implementation of dilithium (ML-DSA). This implementation supports all three parameter sets standardized in FIPS 204: ML-DSA-44, ML-DSA-65, and ML-DSA-87. If you’re curious, you can read more about it in our wolfBoot PQ docs, and test out the new ML-DSA config example.

In total, wolfBoot now has support for three NIST approved post-quantum algorithms:

Conspicuously absent from this list is FIPS 205, Stateless Hash-Based Digital Signature Standard (SLH-DSA, the NIST standard successor of SPHINCS+). Should we amend this absence? Let us know.

If you have questions about any of the above, please contact us at facts@wolfSSL.com or +1 425 245 8247.

Download wolfSSL Now

wolfBoot Supports the Infineon AURIX TriCore TC3xx

We’re thrilled to announce that wolfBoot now supports Infineon’s AURIX TriCore TC3xx family of microcontrollers, bringing enhanced security and flexibility to your automotive and industrial applications.

Why AURIX TC3xx?

Infineon’s AURIX TriCore TC3xx microcontrollers are renowned for their high performance, safety, and security features, making them ideal for automotive and industrial applications. Adding wolfBoot to your TriCore application means you get a small and performant secure bootloader designed to protect your firmware right from the start.

Why wolfBoot on AURIX TC3xx?

  1. Security: Ensure only authenticated firmware runs on your TriCore device, safeguarding against malicious code and aftermarket tuning modifications. Encrypted application images prevent attackers from reverse engineering your code and data, and rollback protection ensures bugs in your firmware can’t be exploited once fixed. Secure key storage means your cryptographic material remains inaccessible from the outside world, providing your application with a strong root of trust.
  2. Reliability: Combine the TC3xx’s functional safety with wolfBoot’s robust image update procedure, providing your application with resilience to power failures and support for delta/incremental updates.
  3. Flexibility: wolfBoot is OS agnostic, and can interoperate with any RTOS, Linux or bare-metal application, including AUTOSAR stacks. wolfBoot’s tight integration with wolfCrypt, the world’s best-tested cryptography library, provides built-in support for all major cryptographic algorithms, including post-quantum algorithms and Chinese government-mandated SM ciphers. This means your application benefits from exceptional crypto agility, easily adapting to new cryptographic standards and staying secure against evolving threats.

Getting Started

To get started with wolfBoot on the AURIX TC3xx, clone the wolfBoot repository and follow the AURIX build instructions. The example project contains everything you need to load and update images on the AURIX LiteKit-V2 development board, but the steps should be adaptable to any device in the TC3xx family.

wolfBoot TriCore HSM Integration

wolfHSM is a software framework that provides a portable and open-source abstraction to hardware cryptography, non-volatile memory, and isolated secure processing that maximizes security and performance for ECUs. It consists of a client-server library architecture, where the wolfHSM server runs on the secure HSM core, and client applications communicate with the server through the wolfHSM client library. wolfHSM dramatically simplifies client applications by allowing direct use of wolfCrypt APIs, with the library automatically offloading all sensitive cryptographic operations to the HSM core as remote procedure calls with no additional logic required by the client app. The AURIX TC3xx family of devices is fully supported by wolfHSM, and includes HSM hardware crypto acceleration.

With the wolfHSM server running on the AURIX HSM core, wolfBoot can use the wolfHSM client to offload all cryptography and key storage to within the HSM secure environment, providing application images with an HSM-backed root of trust. wolfHSM can also leverage wolfBoot on the HSM core, authenticating both the wolfHSM server application and the TriCore application images before releasing wolfBoot on the application cores.

Using wolfBoot on the Infineon AURIX TC3xx is a big step towards securing your automotive or industrial application with minimal effort, especially when combined with wolfHSM.

If you have questions about any of the above, please contact us at facts@wolfSSL.com or +1 425 245 8247.

Download wolfSSL Now

Posts navigation

1 2