SWEET32 – 3DES disabled by default in wolfSSL 3.9.10

One of the changes in the recent wolfSSL 3.9.10 release, to mitigate against the SWEET32 attack, is that the 3DES algorithm is now disabled by default when using the Autoconf (./configure) build system. Non Autoconf users can disable 3DES by defining NO_DES3 when compiling wolfSSL.

For those not familiar with SWEET32, more information can be found on the attackā€™s website, listed below. In summary, SWEET32 is an attack on block cipher algorithms that use a block size of 64 bits:

https://sweet32.info/

For more information about the wolfSSL embedded SSL/TLS library, please contact facts@wolfssl.com.