Blog - wolfSSL

wolfCrypt Is Quantum-Safe and has a FIPS 140-3 CAVP cert!

June 3, 2026June 4, 2026

We’re proud to announce that wolfCrypt Post Quantum has officially received CAVP validation from NIST, listed under certificate #A8437. This validation covers the CNSA 2.0 compatible algorithm library contained within the wolfSSL TLS bundle (v7.0.0), and is a critical milestone on the path to a full FIPS 140-3 module validation for our post-quantum module. Certificate […]

June 16, 2026June 15, 2026

Why are we reporting so many CVEs? If you follow wolfSSL, you’ve probably noticed the number of CVEs we file per release has ramped up this spring 2026. From 5.8.0 (April 2025) to 5.9.1 (April 2026) we’ve experienced nearly geometric growth in reported CVEs per wolfSSL release. So what’s going on? Should users of wolfSSL […]

June 16, 2026June 12, 2026

Scope: ES256 (P-256) COSE_Sign1 size and speed plus post-quantum ML-DSA (FIPS 204), wolfCOSE vs t_cose vs COSE-C, with cross-language and on-device results. Method: one identical operation, every library and crypto backend built from source on one machine with identical flags, dead-code eliminated. Desktop: x86_64 Intel i9-11950H, GCC 14.2. On-device: NUCLEO-H563ZI Cortex-M33 at 250 MHz. June […]

June 16, 2026June 12, 2026

wolfSSL continues to advance post-quantum cryptography support throughout its ecosystem, including curl when built with wolfSSL. Developers can use post-quantum and hybrid TLS 1.3 key exchange mechanisms, including ML-KEM, to help protect connections against future quantum threats. Supported Hybrid TLS 1.3 Key Exchange: SecP256r1MLKEM512 SecP384r1MLKEM768 SecP521r1MLKEM1024 SecP256r1MLKEM768 SecP521r1MLKEM1024 SecP384r1MLKEM1024 X25519MLKEM512 X25519MLKEM768 X448MLKEM768 To learn more […]

June 15, 2026June 12, 2026

When choosing a TLS library, two questions come up again and again: how much memory does it use and how fast is it. This post focuses on memory, comparing the heap usage of wolfSSL against several OpenSSL releases for an identical TLS 1.2 handshake. All numbers below were regenerated with current releases; wolfSSL 5.9.1 versus […]

June 15, 2026June 10, 2026

What if your MQTT architecture could eliminate the gateway entirely? Most MQTT deployments rely on a cloud-hosted or gateway-based broker. But some systems need local operation, lower latency, disconnected communication, or tighter control over system resources. Join us on June 17 at 9 AM PT for a technical introduction to the new embedded MQTT broker […]

June 15, 2026June 8, 2026

Many networking stacks make it difficult to predict memory usage, runtime behavior, and certification effort. For embedded, real-time, and safety-critical systems, that uncertainty can add complexity throughout development, testing, and deployment. Join us for a technical webinar on wolfIP, a compact TCP/IP stack designed specifically for deterministic embedded networking. wolfIP eliminates runtime memory allocation and […]

June 12, 2026June 8, 2026

In Part 1, we argued agents need cryptographic request authenticity. In Part 2 we surveyed the ecosystem and the adjacent tools. This post is about what we’re contributing: native RFC 9421 support at the plumbing layer — curl and libcurl, with wolfCrypt providing the Ed25519 math. Two open PRs: curl — curl/curl#21239 — httpsig: add […]

June 12, 2026June 10, 2026

If you are signing CBOR payloads on an embedded device and you have started worrying about “harvest now, decrypt later,” that worry now extends to signatures too. Long-lived firmware artifacts, attestation reports, supply-chain manifests: anything signed today with ECDSA or RSA can be retroactively forged by an adversary with a cryptographically relevant quantum computer. wolfCOSE […]

June 12, 2026June 9, 2026

COSE (CBOR Object Signing and Encryption) is a compact binary format for attaching signatures, encryption, or MACs directly to a piece of data, so that the proof travels with the object no matter how it is stored, cached, or forwarded. That is the whole idea. If you know JOSE, JWT, JWS, JWE, COSE is the […]

June 11, 2026June 8, 2026

In Part 1, we argued that AI agents break the identity model the web was built on, and that RFC 9421 is a natural — if incomplete — primitive for the layer that’s missing. That invites three fair questions: Doesn’t AWS Signature V4 already do this? Doesn’t JWT already do this? If 9421 is the […]

1 2 3 4 … 240 241 242

RECENT BLOG NEWS

wolfCrypt Is Quantum-Safe and has a FIPS 140-3 CAVP cert!

Why is wolfSSL reporting so many CVEs?

wolfCOSE vs The Field: The smallest and fastest COSE library, now with post-quantum ML-DSA at the same cost.

Post-Quantum Cryptography in curl

wolfSSL vs OpenSSL: Heap Usage Comparison

Bringing the Broker to the Edge – wolfMQTT’s New Embedded MQTT Broker

wolfIP: Deterministic TCP/IP Without Dynamic Memory Allocation – APAC-Friendly Time

Native HTTP Message Signatures in curl, Powered by wolfSSL – Part 3

wolfCOSE: The First COSE Implementation with ML-DSA – Production-Tested, CAVP-Validated Post-Quantum Signatures in wolfCOSE

wolfCOSE: What is COSE?

The Identity Gap: SigV4, JWT, mTLS, and the Open-Source Race to Authenticate AI Agents – Part 2

Weekly updates

Archives

RECENT BLOG NEWS

Posts navigation

Weekly updates

Archives