DTLS 1.3 is here! wolfSSL release 5.4.0 was recently sent out and one of the exciting new features in the release was initial support for DTLS 1.3. This new protocol implementation gives improvements over the previous 1.2/1.0 versions of DTLS and compliments the TLS 1.3 implementation in wolfSSL quite nicely.
wolfSSL prides itself on our many firsts. As a Cybersecurity company we have to make sure all of our products are state of the art. As such we make sure to be proactive, so that our products are always the best they can be. Being an open source company, we like to keep our users, customers, and followers up to date on our successes.
wolfSSL Current Firsts:
- First Open Source Dual Licensed TLS (GPLv2/Commercial)
- First TLS to adopt fuzz testing; now sporting 7 internal nightly fuzz testers and 2 external fuzz testers
- First TLS 1.2 implementation
- First DTLS 1.2 implementation
- First TLS to support quantum resistant encryption (PQC) …in 2010! We used NTRU.
- First TLS 1.3 implementation
- First MQTT SN implementation
- First MQTT 5.0 implementation
- First IETF SUIT Secure Boot implementation
- First TLS 1.3 Sniffer
- First DO 178 DAL A certified crypto library
- First TPM 2.0 stack designed for baremetal and embedded systems – wolfTPM
Now wolfSSL is the first to have DTLS 1.3 implementation. wolfSSL’s DTLS 1.3 implementation is not ready for commercial use, but it’s fully functional and ready for being beta-tested! As usual, you can find the code at our GitHub repo or you can download the latest beta version here.
Since its first version, DTLS aims to bring the same security guarantees as TLS, but without requiring a reliable and order-preserving underlying protocol. This means that it’s much more suitable for latency-sensitive applications that can suffer from the overhead of TCP or similar protocols. The specifications of DTLSv1.3 were published just last April (RFC 9147) and DTLSv1.3 brings all the improvements of TLS v1.3 to DTLS: faster and more secure handshake, 0-RTT resumption, modern crypto algorithms, better downgrade protection and so on. We are the first to release a working implementation.
If you are working on DTLS, or if you just have questions, don’t hesitate to contact us at firstname.lastname@example.org. We’re more than happy to hear from you!
Want to talk to us face to face about DTLS 1.3 at Black Hat? Come by Booth 1084!