RECENT BLOG NEWS

By Todd Ouska, wolfSSL The Message Queuing Telemetry Transport protocol, or MQTT, has become a favorite of Internet of Things (IoT) developers, and why not? It’s incredibly lightweight (on the order of a couple Kb for client implementations), has easy-to-use APIs, and is available for free under the Eclipse Public License (EPL). If your connected […]

wolfSSL recently published a press released talking about the release of wolfMQTT, and its use with the wolfSSL embedded SSL/TLS library: “3.6 kB MQTT client implementation easily integrates with the wolfSSL embedded SSL library for resource-constrained Internet of Things devices and connected applications. wolfSSL, a leading provider of security and connectivity solutions for the embedded, […]

Are you interested in having a secure email client on your Freescale Kinetis device? How about one that uses wolfSSL too! A member of the Freescale/NXP community (Denis Shimizu) recently adapted the original SMTP protocol implementation that is included with KSDK 1.3 to add in secure connections using the wolfSSL lightweight SSL/TLS library. The example […]

The security of wolfSSL products is always on our mind and holds high importance.  Conducting regular, diligent, and well-planned testing helps maintain wolfSSL’s robustness and security.  We strive to write and maintain clean, readable, and understandable code. Like the halting problem, we know it is impossible to test every single possible path through the software, […]

Hello wolfSSL stakeholders!  2015 was another fantastic year of progress for wolfSSL, and as we strive to provide transparency for our customers, users, employees, and open source community, we are again reporting on our progress for the year.  It was a good year!  We accomplished a lot in building towards our goals.   Our goals […]

OpenSSL recently released patches for two vulnerabilities [1] – one related to how OpenSSL generates Diffie-Hellman prime values and the other that potentially allowed a malicious client to negotiate old SSLv2 ciphers that had been disabled on the server.  Since both of these are OpenSSL implementation vulnerabilities, wolfSSL users are SAFE. For reference, the two […]

New in wolfSSL v3.8.0 we have added support for NXP’s LPCExpresso IDE and a reference project using the LPC18S37 on the OM13076 (LPCXpresso18S37) board. The reference project and README.md are located in the repository at: /IDE/LPCXPRESSO Please contact us at facts@wolfssl.com or support@wolfssl.com with any questions about using the wolfSSL embedded SSL/TLS library with LPCExpresso.

We have recently updated our ChaCha20-Poly1305 cipher suites. The ChaCha20-Poly1305 AEAD cipher suites are performant and use low amounts of memory, making it a good fit for IoT devices. This recent update allows for interoperability with the current OpenSSL, GnuTLS, and BoringSSL libraries when using ChaCha20-Poly1305 in a TLS connection and continues interoperability with libraries […]

1.  You want more robust security. 2.  You want to avoid the steady stream of security updates required by using OpenSSL. 3.  You are paranoid, and want to use quantum safe crypto. 4.  You are performance driven, and want to leverage the latest hardware crypto, or tune in progressive ciphers. 5.  You want direct support for the crypto […]

A new year, another attack on TLS.  Karthikeyan Bhargavan and Gaetan Leurent of INRIA recently announced the new attack.  TLS 1.2 allows negotiation of the hashing algorithm used for signatures, typically to “upgrade” the hash to a higher security level.  Before TLS 1.2 a combination of MD5 and SHA1 were used for signatures. TLS 1.2 […]