XMSS and LMS in wolfBoot and wolfCrypt for CNSA 2.0

Designed by Freepik: www.freepik.com

Have you seen the recently released wolfBoot v2.0.0? It is full of a lot of interesting new features and optimizations. You can see full detail in the changelog.

What about the CNSA 2.0 Guidance? We’ve mentioned it many times in our blog posts. You can find it here.

You might be wondering, what do these have to do with each other? The NSA’s CNSA 2.0 guidance specifically states that LMS/HSS and XMSS/XMSS^MT are appropriate for firmware signing. These algorithms are now supported in the 2.0.0 release of wolfBoot. They depend on our LMS and XMSS integrations in wolfCrypt which are part of the recently released 5.6.4 version of wolfSSL! So, you can start working with these algorithms and signing and verifying your firmware images TODAY.

Being able to do that today is really important because the CNSA 2.0 says that LMS/HSS and XMSS/XMSS^MT are to be added as an option and tested in your systems and products today. By 2025, only a year from now, these algorithms are to be the default and preferred algorithms. By 2030, all other algorithms are to be phased out.

Are you ready to meet these expectations? You are if you use wolfBoot!

If you have questions about any of the above, please contact us at facts@wolfSSL.com or call us at +1 425 245 8247.

Download wolfSSL Now