Month: September 2024

Can you believe it? With wolfSSL you can now have a TLS 1.3 connection that is compliant with both FIPS 140-3 and the CNSA 2.0! Want to know how?

For key establishment, we can use the new ML-KEM-1024 (also known as Kyber-1024 which is at security level 5 as defined by NIST) hybridized with ECDH on curve P-521.

In terms of authentication, we can use our dual algorithm certificates where the conventional algorithm is ECDSA on curve P-521 and the alternative algorithm is ML-DSA-87 (also known as Dilithium 5 which is at security level 5 as defined by NIST). The server would then also have conventional and alternative private keys so they would both be used to sign the transcript.

For the cipher suite, We can use AES-256-GCM-SHA384; this is approved by both FIPS 140-3 and CNSA 2.0.

And just like that, we have dual compliance! Want more details and a demo with steps to do it yourself? Not to worry, we’ll have a webinar soon to explain how you can achieve this yourself as well! Please stay tuned.

If you have questions about any of the above, please contact us at facts@wolfSSL.com or +1 425 245 8247.

Download wolfSSL Now

By now most people interested in security have heard about the NIST Post Quantum Announcement and the specific algorithms derived from CRYSTALS-Dilithium, CRYSTALS-KYBER and SPHINCS. Our team was there at the White House!

We’ve had experimental Post Quantum support for years. See our blog from 2021: Hybrid Post Quantum Groups in TLS 1.3. Post Quantum has also been in cURL since 2021 as well. We’ve developed PQ libraries that work on everything from the largest computer systems to the smallest devices such as the Espressif ESP32!

But do you know if and how your code can be upgraded to take advantage of these new standards? We can help! We have a variety of public and internal tools that can be used to quickly and efficiently search your codebase for API calls that are targets for Post Quantum upgrades.

When you are ready to move on to the next step, wolfSSL will be there for you! Need to have your project NIST Certified? Recently we announced that wolfSSL is the First in the World to offer FIPS 140–3 Automated Submission with our NIST Certificate #4718.

For more details, see our blog What is FIPS (In-Depth Overview).

Have specific requests or technical questions? We’d love to hear from you! Please reach out to us at support@wolfSSL.com or open an issue on GitHub. For general inquiries, please contact us at facts@wolfSSL.com or +1 425 245 8247.

Download wolfSSL Now

Do you have an idea for a project but want a quick prototype without the hassle of a custom board? We’re happy to announce that our latest wolfSSL v5.7.2 library is now available in the Arduino Registry for rapid prototypes.

Just type “wolfSSL” in the Library Manager of the Arduino IDE. If nothing happens right away, check to see if the IDE is downloading updates as indicated in the lower-right corner of the app and wait for the process to complete.

There are TLS Client and Server apps, as well as a bare-bones Hello World that just prints the wolfSSL version. See the bottom of the list in Files – Examples – “Examples from Custom Libraries” in the IDE.

Just edit the SSID and Password:

All of the source code is available at: https://github.com/wolfSSL/Arduino-wolfSSL. We also have a more detailed Getting Started with wolfSSL on Arduino guide.

Want to check performance? Check out our recent blog: How do you benchmark cryptography?

When you are ready to move on to the next step, wolfSSL will be there for you! Need to have your project NIST Certified? Recently we announced that wolfSSL is the First in the World to offer FIPS 140–3 Automated Submission with our NIST Certificate #471.

See our prior blogs on:

• What is the difference between FIPS 140-2 and FIPS 140-3?
• FIPS vs FedRAMP Compliance and Requirements

The What is FIPS (Quick Overview) blog also applies to RISC-V with regards to how your RISC-V Operating Environment (“OE”) can be certified:

1. You send us your hardware and toolchain.
2. We run the initial tests which ensure the cryptography module behaves according to specification given your specific hardware and operating system.
3. The CMVP certified lab runs and verifies the tests and their documentation.
4. The test results are submitted to CMVP for review.
5. Your specific operating environment is added to our certificate.
6. You are FIPS 140 compliant in 60-90 days.

For more details, see our blog What is FIPS (In-Depth Overview).

Have specific requests or technical questions? We’d love to hear from you! Please reach out to us at support@wolfSSL.com or open an issue on GitHub. For general inquiries, please contact us at facts@wolfSSL.com or +1 425 245 8247.

Download wolfSSL Now

Master one of the most powerful tools in a developer’s toolkit. Join us for an exclusive live webinar where Daniel Stenberg, the creator of curl, will guide you through the ins and outs of this essential command-line tool.

Register today: Mastering curl Command Line Training
Date: September 5th | 10 am PT

curl is the Swiss Army knife of Internet transfers, widely used for its robust command-line options. Over the years, new features have been continuously added, making it even more versatile.

This talk will highlight some of the most powerful and intriguing recent additions to curl, including lesser-known tricks that can enhance your command lines, expand your “tool belt,” and boost your productivity. We’ll also cover trurl, a newly created companion tool for URL manipulations that you might not yet realize you need.

Register now! This presentation could take your curl skills to the next level.

As always, our webinars will include Q&A sessions throughout. If you have questions on any of the above, please contact us at facts@wolfSSL.com or +1 425 245 8247.

Download wolfSSL Now