RECENT BLOG NEWS

wolfSSL’s embedded SSL/TLS library has included support for TLS 1.3 since early releases of the TLS 1.3 draft. Since then, wolfSSL has remained up-to-date with the TLS 1.3 specification. In this post, the major upgrades of TLS 1.3 from TLS 1.2 are outlined below:

TLS 1.3

This protocol is defined in RFC 8446. TLS 1.3 contains improved security and speed. The major differences include:

• The list of supported symmetric algorithms has been pruned of all legacy algorithms. The remaining algorithms all use Authenticated Encryption with Associated Data (AEAD) algorithms.
• A zero-RTT (0-RTT) mode was added, saving a round-trip at connection setup for some application data at the cost of certain security properties.
• Static RSA and Diffie-Hellman cipher suites have been removed; all public-key based key exchange mechanisms now provide forward secrecy.
• All handshake messages after the ServerHello are now encrypted.
• Key derivation functions have been re-designed, with the HMAC-based Extract-and-Expand Key Derivation Function (HKDF) being used as a primitive.
• The handshake state machine has been restructured to be more consistent and remove superfluous messages.
• ECC is now in the base spec  and includes new signature algorithms. Point format negotiation has been removed in favor of single point format for each curve.
• Compression, custom DHE groups, and DSA have been removed, RSA padding now uses PSS.
• TLS 1.2 version negotiation verification mechanism was deprecated in favor of a version list in an extension.
• Session resumption with and without server-side state and the PSK-based ciphersuites of earlier versions of TLS have been replaced by a single new PSK exchange.

More information about the TLS 1.3 protocol can be found here: https://www.wolfssl.com/docs/tls13/. Additionally, please contact facts@wolfssl.com for any questions.

Resources:

If you would like to read more about SSL or TLS, here are several resources that might be helpful:

TLS – Wikipedia (http://en.wikipedia.org/wiki/Transport_Layer_Security)
SSL versus TLS – What`s the Difference? (http://luxsci.com/blog/ssl-versus-tls-whats-the-difference.html)
Cisco – SSL: Foundation for Web Security (http://www.cisco.com/web/about/ac123/ac147/archived_issues/ipj_1-1/ssl.html)

wolfSSL now includes a port for Intel® SGX (Software Guard Extensions) with Linux (specifically, Ubuntu 16.04). Using wolfSSL with SGX Linux takes advantage of Intel® SGX technology to separate untrusted and trusted code, isolating the wolfSSL library from potentially malicious applications running on the host machine.
 
Curious about the extra security afforded by running wolfSSL in a secure enclave with SGX? Try out wolfSSL for Intel® SGX yourself with the port at wolfssl-root/IDE/LINUX-SGX which covers building a static library for linking with other SGX Enclaves.
 
wolfSSL also has an example Enclave and Application that demonstrate how to use wolfSSL SGX. The sample application covers:
1. wolfCrypt API Testsuite
2. wolfCrypt Benchmarks
3. Simple TLS Client Example with client and server authentication

The example can be found at https://github.com/wolfssl/wolfssl-examples/tree/master/SGX_Linux.
 
For more information about Intel SGX see the sites below.
https://en.wikipedia.org/wiki/Software_Guard_Extensions
https://software.intel.com/en-us/sgx
https://software.intel.com/sites/default/files/managed/77/98/IntelSGX-infoQ-SolutionBrief.pdf?utm_source=InfoQ&utm_campaign=InfoQSGXGTM&utm_medium=AssetPDF
 
If you have a need for an embedded SSL/TLS library with Intel® SGX contact us today at facts@wolfssl.com.

wolfSSL would like to announce to our community that we are now partnered with Infineon. This partnership should make it easier to get wolfSSL up and running on Infineon-based projects that need to be secured!

The wolfSSL embedded SSL/TLS library is a perfect fit for securing lightweight, resource-constrained devices. wolfSSL has a footprint size of 20-100kB, offers protocol support up to TLS 1.3 and DTLS 1.2, progressive algorithm support, hardware crypto support, and more.

Infineon designs, develops, manufactures and markets a broad range of semiconductors and system solutions. The focus of its activities is on automotive electronics, industrial electronics, mobile devices and chip card-based security. Combining entrepreneurial success with responsible action, Infineon addresses some of the most critical challenges of society: Efficient use of energy, environmentally-friendly mobility and security in a connected world.

https://www.infineon.com

Recently we announced availability of TLS v1.3 in wolfSSL. There are many benefits in changing to the newest version of the TLS specification.

One significant difference you will notice is the reduced number of round-trips when performing a full handshake. Older versions of the TLS protocol require two complete round-trips before the client sends the application data. With TLS v1.3 only 1 round-trip is required! Additionally, the server can send application data in response to the clients first handshake message! This means network latency has less impact on the time required to establish a secure connection.

Another difference is the way session resumption works in TLS v1.3. Previous versions of TLS have the client send a session id which the server has to lookup in its cache. If there was a match then they used the same security parameters. This is a very simplistic mechanism that requires sharing of state on servers.

TLS v1.3 has made significant improvements by re-purposing the ticketing system tacked onto older versions of TLS. The server sends the client a new session ticket after the handshake is complete. This ticket, a blob of data to the client, can be a database lookup key like the old session id. Alternatively, it can be a self-encrypted and self-authenticated value that contains the data for the previous connection. This means the server can be stateless!

Finally, the specification has been evaluated by cryptographic experts in efforts to prove the security of the protocol. While no security proof is perfect, the previous attacks on renegotiation, protocol version downgrading, compression, CBC and padding have been mitigated and the protocol is generally more resistant to attack.

For more details on using TLS v1.3 with wolfSSL, please contact us at facts@wolfssl.com

We are considering adding support for the Mongoose Web Server.  If you are interested in using CyaSSL with Mongoose please let us know at info@yassl.com.

Did you know that wolfSSL supports OCSP Stapling (Certificate Status Request TLS Extension) described in RFC6066 and OCSP Stapling v2 (Certificate Status Request TLS Extension v2) described in RFC6961?

And what benefits can we get out of it?

Without OCSP stapling, SSL/TLS clients needs to spend extra resources on a second socket to communicate with an OCSP Responder in order to validate the server`s certificates using OCSP. Also, the OCSP Responder is likely to be hit by enormous volumes of OCSP requests if a certificate is issued to a high traffic server, introducing a significant cost for the certificate authority.

OCSP stapling allows the server to bear the resource cost involved in providing OCSP responses by appending a time-stamped OCSP response to the initial SSL/TLS Handshake, eliminating the need for clients to contact the OCSP Responder. This way, a single OCSP response can be reused util it expires, forcing the server to get a new OCSP response from the OCSP Responder.

OCSP Stapling v2 defines a new extension, “status_request_v2”, with an extended format that allows the client to indicate support for multiple status request methods.

For more details on using OCSP Stapling in wolfSSL, please refer to the wolfSSL Manual or contact us at facts@wolfssl.com

The wolfSSL lightweight SSL/TLS library now supports TLS 1.3 (Draft 18) on both the client and server side!

A BETA release of wolfSSL (wolfSSL 3.11.1) is available for download from our download page.  This release is strictly BETA, and designed for testing and user feedback.  Users and customers wanting a stable and production-ready version of wolfSSL should remain on version 3.11.0.

To compile this release with TLS 1.3 support, use the “–enable-tls13” ./configure option:

$ unzip wolfssl-3.11.1-tls13-beta.zip

$ cd wolfssl-3.11.1-tls13-beta

$ ./configure –enable-tls13

$ make

wolfSSL has two new client/server methods, which can be used to specify TLS 1.3 during creation of a wolfSSL context (WOLFSSL_CTX):

WOLFSSL_METHOD *wolfTLSv1_3_server_method(void);

WOLFSSL_METHOD *wolfTLSv1_3_client_method(void);

The wolfSSL example client and server can be used to easily test TLS 1.3 functionality with wolfSSL.  For example, to connect the wolfSSL example client and server to each other using TLS 1.3 and the TLS13-AES128-GCM-SHA256 cipher suite, use the “-v” option with “4” to specify TLS 1.3, and the “-l” option to specify the cipher suite:

$ ./examples/server/server -v 4 -l TLS13-AES128-GCM-SHA256

$ ./examples/client/client -v 4 -l TLS13-AES128-GCM-SHA256

Alternatively, the example client can be used to connect to an external server.  For example, to connect to the wolfSSL websitewith TLS 1.3:

$ ./examples/client/client -v 4 -l TLS13-AES128-GCM-SHA256 -h www.wolfssl.com -p 443 -g -A ./certs/wolfssl-website-ca.pem

In this command, “-h” specifies the host, “-p” the port, “-g” causes the client to send an HTTP GET request, and “-A” specifies the CA certificate used to authenticate the server.

wolfSSL currently supports the following TLS 1.3 cipher suites:

TLS13-AES128-GCM-SHA256

TLS13-AES256-GCM-SHA384

TLS13-CHACHA20-POLY1305-SHA256

TLS13-AES128-CCM-SHA256

TLS13-AES128-CCM-8-SHA256

Please send any comments or feedback on wolfSSL’s TLS 1.3 support to support@wolfssl.com.  Thanks!

wolfMQTT v0.13 is now available for download. This release contains fixes for non-blocking and Arduino.

The wolfMQTT client is a lightweight protocol used commonly in the IoT space and is a pub/sub model. It is written in C from scratch and is based on the MQTT v3.1.1 specification. As a result the code is compact (~4KB) and clean. We’ve taken great care to explicitly check all parameters and input data to ensure reliable and secure operation. The client also integrates with our wolfSSL client to provide TLS for MQTT, which is required for AWS and Azure.

We have examples for connecting to:
* Amazon Web Services (AWS)
* Microsoft Azure IoT Hub
* Firmware Update over MQTT
* Generic MQTT client

The examples support using various operating systems and network stacks such as Linux/Mac/Windows/FreeRTOS/MQX. The wolfMQTT library uses callbacks for the networking so you can implement it for any two of communication interface. We even have an example template for using a UART via the callbacks.

Planned upcoming features:
* Multi-threaded support
* Android and iOS examples
* MQTT-SN (sensor network spec that reduces protocol overhead).

If you have any questions or would like more information please email us at facts@wolfssl.com.

Moises Guimaraes of the wolfSSL team will be in Prague June 8th to 10th, talking at PyCon CZ about our wolfCrypt Python module and basic cryptography principles. See his talk summary at https://cz.pycon.org/2017/speakers/detail/talk/28/#main.

Register today for PyCon CZ at https://cz.pycon.org/2017/#tickets. If you are already planning on attending, please chat with us about cryptography, SSL/TLS, and hardware encryption.

If you would like to set up a specific meeting time, please email Moises at moises@wolfssl.com.

To stay up to date with what is happening with wolfSSL, follow our blog.

We look forward to hearing from you!

Hi!  Are you interested in using wolfSSL with OpenVPN?  If so, let us know at facts@wolfssl.com or post a reply to this forum topic: https://www.wolfssl.com/forums/topic999-using-wolfssl-with-openvpn.html

The wolfSSL lightweight SSL/TLS library is nice for reduced overhead and maximum throughput in addition to supporting cutting edge curves and cipher suites!  wolfSSL currently supports up to TLS 1.3 and DTLS 1.2 and offers leading support in the industry!

OpenVPN, as described by their website, is “an open source virtual private network solution that has established itself as the defacto standard”.

We look forward to hearing your thoughts about using wolfSSL with OpenVPN!