Faster No Assembly ChaCha20
At wolfSSL, we always try to get you the best results possible. Most of the time the best way to achieve this is to use assembly optimization. Unfortunately dedicated assembly tuning is targeted and time consuming so it is not always available for your platform. But there are still many ways to squeeze performance out of algorithms with just C. We have achieved up to a 60% speedup in ChaCha20 without using assembly! This was accomplished by performing the exclusive or (XOR) operation on the largest possible word supported by the system. The optimization was merged in https://github.com/wolfSSL/wolfssl/pull/6203 and first available in wolfSSL 5.6.2.
The benchmark was performed on a x86_64 machine with an AMD Ryzen 5 2600 processor. wolfSSL was configured without assembly optimization with ./configure.
These are the results without this optimization:
$ ./wolfcrypt/benchmark/benchmark -chacha20 ------------------------------------------------------------------------------ wolfSSL version 5.5.4 ------------------------------------------------------------------------------ wolfCrypt Benchmark (block bytes 1048576, min 1.0 sec each) CHACHA 294 MB took 1.016 seconds, 288.985 MB/s Cycles per byte = 11.77 Benchmark complete $ ./wolfcrypt/benchmark/benchmark -chacha20 ------------------------------------------------------------------------------ wolfSSL version 5.5.4 ------------------------------------------------------------------------------ wolfCrypt Benchmark (block bytes 1048576, min 1.0 sec each) CHACHA 278 MB took 1.017 seconds, 273.204 MB/s Cycles per byte = 12.45 Benchmark complete $ ./wolfcrypt/benchmark/benchmark -chacha20 ------------------------------------------------------------------------------ wolfSSL version 5.5.4 ------------------------------------------------------------------------------ wolfCrypt Benchmark (block bytes 1048576, min 1.0 sec each) CHACHA 299 MB took 1.006 seconds, 297.137 MB/s Cycles per byte = 11.44 Benchmark complete
These are the results with this optimization:
$ ./wolfcrypt/benchmark/benchmark -chacha20 ------------------------------------------------------------------------------ wolfSSL version 5.5.4 ------------------------------------------------------------------------------ wolfCrypt Benchmark (block bytes 1048576, min 1.0 sec each) CHACHA 451 MB took 1.010 seconds, 446.210 MB/s Cycles per byte = 7.62 Benchmark complete $ ./wolfcrypt/benchmark/benchmark -chacha20 ------------------------------------------------------------------------------ wolfSSL version 5.5.4 ------------------------------------------------------------------------------ wolfCrypt Benchmark (block bytes 1048576, min 1.0 sec each) CHACHA 472 MB took 1.003 seconds, 470.584 MB/s Cycles per byte = 7.23 Benchmark complete $ ./wolfcrypt/benchmark/benchmark -chacha20 ------------------------------------------------------------------------------ wolfSSL version 5.5.4 ------------------------------------------------------------------------------ wolfCrypt Benchmark (block bytes 1048576, min 1.0 sec each) CHACHA 472 MB took 1.004 seconds, 470.026 MB/s Cycles per byte = 7.23 Benchmark complete
If you have questions about the performance of the wolfSSL embedded TLS library, please contact us at facts@wolfSSL.com or call us at +1 425 245 8247.
Download wolfSSL Now
Live Webinar: All the Cool Things We’ve Added This Year
Join us for an exclusive webinar on the exciting new additions of 2023, presented by wolfSSL Senior Software Engineer, Eric, on September 28th at 9 am PT. Eric will showcase the latest wolfSSL innovations of 2023! Let’s explore the exciting innovations that have been created by wolfSSL engineers this year and discover products and support that offer the best solutions for your projects.
Watch the webinar here: All the Cool Things We’ve Added This year
Sneak peek of the newly added cool products:
- SM Ciphers compliant with Chinese regulations
- Ada/SPARK binding
- wolfSSH ported over to Windows
- And much more!
This is your opportunity to uncover the advantages of using wolfSSL.
As always, our webinars will include Q&A sessions throughout the webinar. If you have questions about any of the above, please contact us at facts@wolfSSL.com, or call us at +1 425 245 8247
Download wolfSSL
wolfSSL Support for Renesas RZ/N2L
wolfSSL is delighted to announce that we have added support for the Renesas RZ/N2L. Renesas RZ/N2L uses a high-performance Arm Cortex-R52 core to easily add network functionality to industrial equipment and machines. The RZ/N2L is supported by an open and flexible ecosystem concept – the Flexible Software Package (FSP), built on FreeRTOS – and is expandable to use other RTOS and middleware.
As part of wolfSSL’s port to support the Renesas RZ/N2L board we have added example TLS client and server applications which demonstrate wolfSSL usage. These examples are compiled with e2Studio and run on the target board. The example applications for Renesas RZ/N2L with Renesas IDE e2studio project files are provided in the wolfSSL package, inside the “IDE/Renesas/e2studio/RZN2L” directory. A detailed instruction manual is also included to help you easily get started with wolfSSL on the platform.
These sample applications also leverage the Renesas Secure IP (RSIP), which enables cryptographic hardware acceleration. Currently wolfSSL supports the following Renesas RSIP crypto acceleration algorithms:
- SHA1/SHA256/SHA384/SHA512
- AES-CBC/AES-GCM
- RSA
Limitations:
The current version of the Renesas RSIP driver does not yet include API’s for TLS-related functionality. Therefore, wolfSSL’s usage of RSIP currently only uses hash and random generation while used inside TLS connections.
If interested in using wolfSSL on the RZ/N2L, or if you have questions about any of the above, please contact us at facts@wolfSSL.com or call us at +1 425 245 8247.
Download wolfSSL
eXtremeDB introduces support for wolfSSL
We are extremely excited to announce that McObject, a world leader in embedded and real-time database systems, has chosen wolfSSL as the TLS provider for their eXtremeDB family of database products.
About eXtremeDB
eXtremeDB is a high-performance, low-latency, ACID-compliant embedded database management system with support for both in-memory and persistent storage capability. Exceptionally fast, with unparalleled flexibility, eXtremeDB is used in virtually all embedded systems markets, from consumer electronics to network infrastructure devices to aerospace and defense systems.
In 2021, McObject released eXtremeDB/rt, the first-ever commercially supported deterministic database system suitable for use in hard real-time embedded systems. As an ACID-compliant DBMS, eXtremeDB/rt guarantees internal consistency, but with real-time features also guarantees external consistency when transactions complete within their deadlines. eXtremeDB/rt is designed for use in critical sensor data fusion systems such as avionics and aircraft navigation, driver assistance, medical equipment, power generation and distribution infrastructure, and any other high-reliability system that requires data management.
Why WolfSSL?
The eXtremeDB embedded database system powers mission critical systems that demand “five-nines” reliability (99.999% up-time), thus security and performance is an absolute necessity. When it came to choosing a TLS provider, McObject needed a library that it was confident would satisfy the stringent guarantees it provides to its customers. wolfSSL emerged as the clear choice for several reasons:
Size, Performance, and Flexibility
In the world of embedded systems, resource utilization is critical. wolfSSL can be configured to have an exceptionally small footprint, making it ideal for systems with constrained resources. It also offers the most customizability on the market, allowing users to tune it for highly specific optimization goals such as code size, stack usage, maximum performance, power consumption, and more.
Certification
Compliance is a non-negotiable requirement in secure systems, and eXtremeDB is no exception. wolfCrypt has FIPS 140-2 Certificates #3389 and #2425 and has a certificate for FIPS 140-3 on the way. wolfCrypt has also been DO-178C DAL-A certified for avionics.
Portability
eXtremeDB/rt is available and tightly integrated with all major commercial RTOS including those that are certified to airborne safety standards (DO-178). Therefore, it could not choose a TLS library that had any architectural or platform restrictions. wolfSSL is engineered for maximum portability, supporting virtually every hardware platform and operating system and, like eXtremeDB, can even run on bare-metal, making it the perfect match for eXtremeDB’s diverse use-cases.
The Best-Tested Cryptography Library
eXtremeDB is a DBMS that serves customers who demand 99.999% uptime, designed to power systems that cannot afford to fail. wolfSSL boasts an extensive testing regime, with continuous and rigorous evaluations to ensure the most secure, robust, and up-to-date cryptography solutions, making it a natural choice to satisfy eXtremeDB’s uncompromising customer requirements. Our claim as the best-tested cryptography library in the world is backed by numerous third party audits and our transparent software development process.
Getting Started with eXtremeDB
To get started with eXtremeDB, simply download the latest evaluation release, and then follow the instructions in the documentation to install the package and run the SDK samples. You can contact McObject at info@mcobject.com for more information or support.
By leveraging wolfSSL’s best-in-class TLS capabilities, eXtremeDB can now offer an additional layer of security without compromising on performance. This integration strengthens eXtremeDB’s position as a secure, fast, and reliable database solution for embedded systems and mission-critical real-time applications. We’re thrilled to partner with McObject and look forward to contributing to the ongoing success and security of eXtremeDB products.
For more information on how wolfSSL can enhance your security solutions, feel free to reach out to us at facts@wolfSSL.com, or call us at +1 425 245 8247 with any questions, comments, or suggestions.
Download wolfSSL
Live Webinar: How to Use wolfSSH on Windows
Join us for an informative webinar, wolfSSH on Windows, presented by wolfSSL Software Developer Jacob on September 21st. He will dive into the latest updates on wolfSSH tailored for the Windows environments.
Watch the webinar here: How to Use wolfSSH on Windows
wolfSSH has been ported to Windows, allowing it to operate as a service and host incoming SSH, SFTP and SCP connections. The power of wolfSSH extends further with the advantages of post-quantum support, along with the cryptographic library wolfCrypt, and it’s FIPS certified!
Don’t miss out on this opportunity to discover the benefits of using wolfSSH. This is your chance to gain knowledge about wolfSSH and enhance your technical skills.
As always, our webinars will include Q&A sessions throughout. If you have questions about any of the above, please contact us at facts@wolfSSL.com, or call us at +1 425 245 8247.
Download wolfSSL
wolfSSL DTLS1.3 ESP32 Examples Now Available
Last year, wolfSSL announced support for the new RFC 9147 DTLS1.3 Standard. We now have DTLS13 client and server examples available for the Espressif ESP32 series. These projects can optionally be used in conjunction with the command-line client and server examples.
There are a variety of DTLS (both 1.2 and 1.3) examples in the wolfssl-examples/dtls.
If you intend to use Wireshark to inspect packets and verify that your application is using the newest DTLS 1.3, as of September 2023 this feature has not yet been added. See WireShark issue #18071. In the meantime you can check the cipher suite attribute in the Wireshark packet inspection and confirm it is one of the valid TLS 1.3 cipher suites. See RFC 8446 Page 133:
+------------------------------+-------------+
| Description | Value |
+------------------------------+-------------+
| TLS_AES_128_GCM_SHA256 | {0x13,0x01} |
| | |
| TLS_AES_256_GCM_SHA384 | {0x13,0x02} |
| | |
| TLS_CHACHA20_POLY1305_SHA256 | {0x13,0x03} |
| | |
| TLS_AES_128_CCM_SHA256 | {0x13,0x04} |
| | |
| TLS_AES_128_CCM_8_SHA256 | {0x13,0x05} |
+------------------------------+-------------+
Just getting started with wolfSSL on the ESP32? Check out the recorded webinar on youtube
See also some of the recent ESP32 blogs such as the RISC-V ESP32-C3, running Linux on the ESP32-S3 and others.
There’s also support for wolfSSL on Espressif and more Espressif resources.
Do you have any questions related to using wolfSSL in your next project? Contact us at facts@wolfSSL.com or call us at +1 425 245 8247 to learn more.
Download wolfSSL
wolfCLU supports new x509 options
We are constantly enhancing wolfCLU, a command line utility for manipulating certificates. Recently we added some new x509 options. These additions, -req, -extfile, -extensions, -signkey and -* enhance the x509 functionality. Having these options added to wolfCLU helps with generatingself-signed x509 certificates when using the x509 command.
- [-req] Users can generate a certificate signing request (CSR) directly from the command line.
- [-extfile] Users can specify a file containing certificate extension configuration.
- [-extensions] Users can define certificate extensions directly in the command line.[-signkey] Users can provide an existing private key to sign the certificate being generated.
- [-*] Users can select any supported digest for signing. Currently sha1, sha256, sha384 and sha512 are available.
The following example demonstrates how to use these new options to update a self signed x509 certificate.
wolfssl x509 -req -in client-cert.csr -extfile wolfssl.cnf -extensions
uri -signkey client-key.pem -out client-uri-cert.pem
These new options are part of our ongoing commitment to provide a feature-rich and user-friendly experience with wolfCLU’s x509 command.
If you have any feedback, questions, or require support, please don’t hesitate to reach out to us at facts@wolfSSL.com. or call us at +1 425 245 8247.
Download wolfSSL
Post-Quantum: 3 New Draft Standards
After a long and arduous journey, NIST has finally released the draft standards for 3 post-quantum algorithms:
- https://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.203.ipd.pdf
- https://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.204.ipd.pdf
- https://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.205.ipd.pdf
Let’s talk a little bit about each of the documents one by one.
FIPS-203 specifies ML-KEM which was based on the NIST Post-Quantum Competition’s only KEM winner Kyber. ML-KEM stands for Module Lattice-based Key Encapsulation Mechanism. It defines 3 parameter sets; each at a different level of security:
- ML-KEM-512 (security equivalence to AES-128)
- ML-KEM-768 (security equivalence to AES-192)
- ML-KEM-1024 (security equivalence to AES-256)
ML-KEM is appropriate as a general replacement for quantum-vulnerable key exchange algorithms such as ECDH or FFDH. Note that ECDH and FFDH happen to be Non-Interactive Key Exchange (NIKE) algorithms, but ML-KEM is not so for applications where the non-interactivity is a requirement, ML-KEM is NOT an appropriate drop-in replacement. While the performance of ML-KEM is very good, the cryptographic artifact sizes are larger than those of ECDH and FFDH.
FIPS 204 specifies ML-DSA which was based on the NIST Post-Quantum Competition’s Signature Scheme winner Dilithium. ML-DSA stands for Module Lattice Digital Signature Algorithm. It defines 3 parameter sets; each at a different level of security:
- ML-DSA-44 (security equivalence to SHA3-256)
- ML-DSA-65 (security equivalence to AES-192)
- ML-DSA-87 (security equivalence to AES-256)
Interestingly, the numbers in the parameter set names refers to the dimensions of a matrix that is used during key generation. For example, for ML-DSA-65, that matrix is 6 by 5 thus the 65. ML-DSA is appropriate as a general replacement for quantum-vulnerable signature algorithms such as ECDSA and RSA. While the performance of ML-DSA is very good, the cryptographic artifact sizes are larger than those of ECDSA and RSA.
FIPS 205 specifies SLH-DSA which was based on the NIST Post-Quantum Competition’s Signature Scheme winner SPHINCS+. SLH-DSA stands for StateLess Hash-based Digital Signature Algorithm. It defines 12 parameter sets:
- SLH-DSA-SHA2-128s
- SLH-DSA-SHAKE-128s
- SLH-DSA-SHA2-128f
- SLH-DSA-SHAKE-128f
- SLH-DSA-SHA2-192s
- SLH-DSA-SHAKE-192s
- SLH-DSA-SHA2-192f
- SLH-DSA-SHAKE-192f
- SLH-DSA-SHA2-256s
- SLH-DSA-SHAKE-256s
- SLH-DSA-SHA2-256f
- SLH-DSA-SHAKE-256f
The names can be seen as having the following format:
SLH-DSA-<hash>-<AES equivalence><optimization>
<hash> : Either SHA2 or or SHAKE. This is the hashing algorithm that is used for that parameter set.
<AES equivalence> : 128, 192, or 256. The security equivalence to AES.
<optimization> : s or f. ‘s’ is for small and ‘f’ is for fast.
SLH-DSA is appropriate as a general replacement for already standardized Stateful Hash-based Signature Schemes such as LMS and XMSS which are currently already standardized by NIST and are suggested for use for firmware signing and verification by the CNSA 2.0 guidance put out by the NSA. The performance and artifact sizes of SLH-DSA are comparable to LMS and XMSS.
This begs the question, since LMS and XMSS are already quantum-safe, why would they need to be replaced? The answer is that the management of the state in the Stateful Hash-based Signature Schemes is a potential pitfall and makes it vastly more difficult to use.
Finally, those of you that have been following this process are probably wondering what happened to Falcon. It is also getting a draft standard but is more difficult to implement so NIST is taking extra care and more time to write the draft standard for it.
If you have questions on any of the above, please contact us at facts@wolfSSL.com, or call us at +1 425 245 8247.
Download wolfSSL
Post-Quantum Script Magician: Igor Barshteyn
Today we’d like to give a quick shout out to Igor Barshteyn! He is a long time and active member of the cryptography and information security communities. His interests are very apparent in his posts on LinkedIn.
Besides sleuthing out the the NIST post-quantum draft standards the day before their release and a multitude of other interesting posts, he has come up with a script to allow for easy experimentation in wolfSSL with post-quantum algorithms hybridized with NIST ECC curves in our fips-ready releases. But why would he do that?
Well, if you’re interested in cryptographic compliance, then you will know that the NSA’s CNSA 2.0 guidance requires the use of Kyber. You’ll also know that FIPS 140-2/3 requires the use of FIPS approved ECC curves for key exchange. Moreover, NIST has stated that an ECC key exchange done in a FIPS 140 approved mode of operation can be hybridized a with a post-quantum algorithm and still be considered in a FIPS 140 approved mode of operation. See FQAs for more detail.
Are you curious to see how hybrid FIPS 140 approved mode of key exchange hybridized with the CNSA 2.0 approved Kyber will perform in your environment or on your system? You can find out today!! Check out Igor’s post which has great instructions and a link to his script!Are you curious to see how hybrid FIPS 140 approved mode of key exchange hybridized with the CNSA 2.0 approved Kyber will perform in your environment or on your system? You can find out today!! Check out Igor’s post which has great instructions and a link to his script!
If you have questions on any of above, please contact us at facts@wolfSSL.com, or call us as +1 425 245 8247.
Download wolfSSL
Live Webinar: Reasons to Migrate from OpenSSL to wolfSSL
Are you seeking a superior alternative to OpenSSL with better support and smoother workflow?
wolfSSL can fulfill your needs, addressing the gaps you might be experiencing while using OpenSSL. Join our upcoming webinar hosted by wolfSSL engineer Anthony, where he will focus on advantages of switching to wolfSSL. Discover why choosing wolfSSL over OpenSSL can reshape your projects.
Watch the webinar here: Migrate from OpenSSL to wolfSSL
Sneak peek of the webinar:
- Certified FIPS provider
- Support for the QUIC protocol (–enable-quic)
- Support for Post-quantum integration
- Top-notch support services
- And much more!
Anthony will provide in-depth insights into what sets wolfSSL apart from OpenSSL. Watch it now to explore the potential benefits of using wolfSSL. Let us introduce you to solutions that work best for your projects!
As always, our webinars will include Q&A sessions throughout the webinar. If you have questions on any of the above, please contact us at facts@wolfSSL.com, or call us at +1 425 245 8247.
Download wolfSSL