wolfIP now includes native wolfGuard support, bringing a FIPS-compliant WireGuard VPN tunnel directly into the stack. wolfGuard replaces the standard WireGuard cipher suite (Curve25519, ChaCha20-Poly1305, BLAKE2s) with FIPS-certified alternatives (P-256 ECDH, AES-256-GCM, SHA-256) using wolfSSL cryptographic primitives, while preserving the Noise IKpsk2 handshake and its security properties including perfect forward secrecy and automatic key rotation. […]
Read MoreMore TagCategory: wolfGuard
Meeting FBI CJIS Security Policy v6 with wolfGuard
The FBI’s Criminal Justice Information Services (CJIS) Security Policy v6 has sent a clear message to law enforcement and public safety agencies: the window for legacy cryptography is closing. Specifically, Control SC-13 mandates that all Criminal Justice Information (CJI) in-transit outside of physically secure locations must be protected by FIPS 140-3 validated cryptographic modules. With […]
Read MoreMore TagTLS vs. SSH: When To Use Which (2026 Edition)
TLS and SSH are both widely used protocols for creating secure connections between two systems over an untrusted network. Although they share some fundamental goals, they are designed for different use cases. In this updated guide, we will explore when you should use which, along with a look at the latest developments in both protocols. […]
Read MoreMore TagFIPS-Compliant Tailscale Mesh VPN Powered by wolfSSL
Earlier last year, we shared the integration of our FIPS-validated crypto engine, wolfCrypt, into WireGuard to create a project we call wolfGuard. We’re now extending this effort to Tailscale, the popular mesh VPN built on top of WireGuard. Getting started with wolfSSL? Download the latest libraries here and start exploring. Tailscale simplifies WireGuard deployment by […]
Read MoreMore Tag