Category: Uncategorized

Join wolfSSL for Cybersecurity Innovations at AMD AC Summits in North America

We are thrilled to announce that wolfSSL will be participating in all the upcoming AMD AC Summits across North America, kicking off in Boston, MA on May 7th and concluding in Dallas, TX on May 21st. As a leading provider of lightweight, portable, embedded SSL/ TLS software, we’re excited to be a part of AMD AC Summit to explore the latest advancements and opportunities in the industry.

Event Details

  • Boston, MA | May 7th
  • Washington D.C., MD | May 9th
  • Los Angeles, CA | May 14th
  • San Jose, CA | May 16th
  • Dallas, TX | May 21st

Why wolfSSL?

wolfSSL brings cutting-edge solutions to the table, including support for UltraScale+, MicroBlaze, AMD Zen and x86 processors. Tested and benchmarked on boards such as; Versal, ZCU102, and the Zynq series.

  • wolfSSL: Our lightweight and portable SSL/TLS library, written in C, is powered by the wolfCrypt library, currently on the CMVP Modules in Process List for FIPS 140-3. wolfSSL supports industry standards up to the current TLS 1.3 and DTLS 1.3 protocol levels.
  • wolfBoot: our secure bootloader solution is a portable, OS-agnostic, and for 32-bit microcontrollers and IoT devices. It ensures the prevention of loading malicious or unauthorized firmware on the target. Our implementation leverages wolfSSL’s underlying wolfCrypt module for signature authentication of running firmware, with support for DO-178 and MISRA compliance support.
  • Hardware Platform Support: Our solutions are tested and optimized for a wide range of hardware platforms, including Ultrascale+ and Versal. Plus, our architecture is designed for easy portability to new hardware, ensuring seamless integration with your next-generation devices.
  • Post-Quantum Support: Our own implementation of NIST’s ML-KEM protocol, commonly referred to as Kyber, has been seamlessly integrated with wolfSSL. We are in the advanced stages of planning further integrations with wolfBoot and curl to enhance our cryptographic capabilities. Our goal is to support you in meeting the CASA 2.0 standards, ensuring robust cryptographic protection for your systems.

Let’s Connect:

Register today to secure your spot at the AMD AC Summit and connect with wolfSSL. Join us to explore solutions to enhance your cybersecurity systems.

If you have questions about any of the above, or would like to schedule a meeting with us, please reach out to facts@wolfSSL.com or call us at +1 425 245 8247.

Download wolfSSL Now

Join Our Webinar: Everything You Need to Know about FIPS 140-3 in 2024

Join us on May 9th at 10am PT for an enlightening webinar hosted by Kaleb Himes, Senior Software Engineer at wolfSSL, as we explore the critical aspects of FIPS 140-3. This webinar will deep dive into the fundamentals, benefits of wolfCrypt FIPS, and the essentials of FIPS certification.

Watch the webinar here: Everything You Need to Know about FIPS 140-3

During this detailed session, you will gain insights into:

  • The benefits of FIPS 140-3 for securing cryptographic modules
  • Detailed FIPS certification and compliance procedures
  • Understanding the significance of an Operational Environment (OE)
  • Exploring how wolfCrypt FIPS can be integrated as kernel modules
  • Utilizing wolfEngine and wolfProvider to meet OpenSSL FIPS 140-3 requirements
  • Latest updates on the status of wolfCrypt FIPS 140-3

Watch now to ensure you don’t miss out on this valuable opportunity to deepen your understanding of FIPS 140-3 and its certification process. Learn how wolfCrypt FIPS can streamline your FIPS compliance needs.

As always, our webinar will include a live Q&A session. If you have any questions about wolfCrypt FIPS, FIPS 140-3 certification, or any related topics, please feel free to contact us at facts@wolfssl.com or call us at +1 425 245 8247.

Download wolfSSL Now

PQC support for the Zephyr port

PQC support for the Zephyr port was introduced in the last wolfSSL release using liboqs. This involved adding necessary files to the CMakeLists.txt for the Zephyr module. Zephyr is an open-source real-time operating system (RTOS) designed for resource-constrained devices and embedded systems. It is maintained by the Linux Foundation and supported by a vibrant community of developers and contributors.

PR #7026 (https://github.com/wolfSSL/wolfssl/pull/7026) also addressed proper random number generation within liboqs by using the wolfSSL interface. Previously, liboqs random data acquisition relied on various sources, depending on the liboqs build configuration. With the changes, a custom RNG method is provided through the OQS_randombytes_custom_algorithm() interface, enabling liboqs to obtain RNG data from wolfSSL for all generic liboqs uses.

If you have questions about post quantum or any of the above, please contact facts@wolfSSL.com or call us at +1 425 245 8247.

Download wolfSSL Now

Join Us in Stockholm for curl-up 2024

Exciting news from cURL! We’re thrilled to announce that in just 2 days, the much-anticipated curl-up 2024 event will kick off in Stockholm, Sweden from May 4th to the 5th. This event is a key gathering for software developers, open-source enthusiasts, and network professionals who use or contribute to cURL.

We’re inviting all cURL contributors, maintainers, and fans to join us. This is a perfect opportunity for you to engage directly with Daniel Stenberg, the founder and maintainer of cURL, as well as network with other speakers and industry experts in software development and open-source technology.

Date: May 4th to the 5th

Location: Best Western, Döbelnsgatan 17, 111 40 Stockholm, Sweden

Stay updated on event details, including the venue and agenda, on our dedicated web page, curl-up 2024.

We are excited to support our top-100 contributors with traveling and lodging expenses. Please consult the funding attendance section on our website to view the regulations and eligibility requirements.

Registration is mandatory. Register now to secure your space! Let’s make curl-up 2024 an unforgettable weekend. We can’t wait to see you there!

For any inquiries regarding the event, please don’t hesitate to contact us at facts@wolfSSL.com or call us at +1 425 245 9247.

Download wolfSSL Now

wolfSSL on Microblaze

MicroBlaze, developed by Xilinx, is a soft processor core optimized for Xilinx FPGAs. It offers flexibility and scalability, making it suitable for a wide range of applications, including embedded systems and IoT devices. Integrating wolfSSL’s AES-GCM with MicroBlaze is possible and has been done running on a soft CPU on MicroBlaze. In the latest wolfSSL release this integration saw some additional enhancements. When used on a MicroBlaze, wolfSSL’s AES-GCM enhances the security capabilities of FPGA-based systems, enabling developers to implement secure communication protocols and data encryption mechanisms. There is also the option of setting up wolfSSL so that it makes use of Xilinx’s xilsecure while running on the Microblaze. Increasing the AES-GCM performance significantly.

For more information about using wolfSSL on a MicroBlaze or if you have questions about any of the above, please contact us at facts@wolfSSL.com or call us at +1 425 245 8247.

Download wolfSSL Now

RSA-PSS with CRL’s

Did you know wolfSSL has integration of RSA-PSS signatures with Certificate Revocation List (CRL) support?

RSA-PSS: Enhancing Security Layers

RSA-PSS, or Probabilistic Signature Scheme, represents a modern approach to digital signatures. Unlike traditional RSA signatures, RSA-PSS offers improved security properties, making it more resilient against various cryptographic attacks. By adopting RSA-PSS, wolfSSL users benefit from heightened security, enhancing the integrity of cryptographic operations.

Certificate Revocation List (CRL): Managing Certificate Integrity

In the realm of certificate management, CRL plays a pivotal role. It serves as a mechanism for indicating the revocation status of digital certificates. With CRL, systems can promptly identify and reject compromised or revoked certificates, bolstering the overall security posture. Integrating CRL support into wolfSSL empowers users with efficient certificate management capabilities, ensuring the authenticity and integrity of cryptographic transactions.

Empowering wolfSSL with RSA-PSS and CRL Integration

The fusion of RSA-PSS with CRL support within wolfSSL is a logical step when providing cutting-edge security solutions. Now, wolfSSL users can leverage the combined strength of RSA-PSS signatures and CRL management to fortify their cryptographic environments.

To delve deeper into the RSA-PSS with CRL integration in wolfSSL, visit our GitHub repository (https://github.com/wolfSSL/wolfssl/pull/7119) or reach out to facts@wolfSSL.com for assistance.

Thank you for entrusting wolfSSL as your ally in cybersecurity.

If you have questions about any of the above, please contact us at facts@wolfSSL.com or call us at +1 425 245 8247.

Download wolfSSL Now

Removal of user RSA

In the last release of wolfSSL there was some house cleaning done on older RSA implementations. The user RSA layer was removed along with the hooks used for tying in IPP. When those were first introduced we had yet to implement SP (single precision) versions of RSA. Fast forward to today, and there is a faster implementation of RSA in wolfSSL itself. In IPP v0.9 it was able to do 990.09 RSA 2048 bit sign operations per second and in wolfSSL 5.7.0 it was able to run 1,015.23 operations per second. Verify operations took around the same time with both libraries now at 35,714 operations per second on average. These measurements were collected on an older Intel(R) Core(TM) i7-4870HQ CPU. Along with a performant implementation of RSA there are now the crypto callbacks if desiring to plug in custom RSA operations. This being the case the –enable-fastrsa, user RSA, and IPP hooks were dropped to lower maintenance and reduce bundle size.

If you have questions about any of the above, please contact us at facts@wolfSSL.com or call us at +1 425 245 8247.

Download wolfSSL Now

Live Webinar: Migrating from Mocana to wolfSSL

Join our upcoming webinar, ‘Migrating from Mocana to wolfSSL,’ on May 2nd at 10 am PT hosted by wolfSSL Senior Software Engineer, Eric Blankenhorn. He will unveil the advantages of switching to wolfSSL, offering a superior alternative to Mocana with better support and a smoother workflow.

Watch the webinar here: Migrating from Mocana to wolfSSL

During this session, Eric will provide in-depth insights into what makes wolfSSL different from Mocana and address the gaps you might be experiencing while using Mocana. Discover a smooth transition from Mocana to wolfSSL, along with best practices for ensuring security continuity. Explore the potential benefits of using wolfSSL and learn how to optimize performance during the migration process. Let us introduce you to solutions that work best for your projects!

Watch now, for this informative webinar on migrating from Mocana to wolfSSL and ensure your cybersecurity remains robust and up-to-date!

As always, our webinars will include Q&A sessions throughout. If you have questions on any of the above, please contact us at facts@wolfSSL.com or call us at +1 425 245 8247.

Download wolfSSL Now

How to unload intermediate certificates with wolfSSL?

Recently, a notable modification was introduced in wolfSSL, a prominent provider of security solutions. Pull request #7245 (https://github.com/wolfSSL/wolfssl/pull/7245) focuses on optimizing memory management by introducing a function to unload intermediate CA certificates and free up memory. Let’s explore the significance of this code change and its potential impact on enhancing efficiency and resource utilization within cryptographic applications.

Specifically, the code change addresses the need to efficiently handle intermediate Certificate Authority (CA) certificates. These certificates, while essential for establishing trust chains in cryptographic operations, can consume valuable memory resources, particularly in resource-constrained environments.

The essence of the code change lies in the introduction of a dedicated function (wolfSSL_CertManagerUnloadIntermediateCerts()) to unload intermediate CA certificates from memory when they are no longer needed. By using this function, developers can optimize resource utilization, thereby enhancing the overall efficiency and stability of cryptographic operations.

Key Benefits: The introduction of the function to unload intermediate CA certificates brings several notable benefits:

  1. Efficient Memory Management: By providing a mechanism to unload intermediate CA certificates from memory, the code change ensures efficient utilization of resources. This is particularly crucial in environments where memory constraints are a concern, such as embedded systems and IoT devices.
  2. Prevention of Memory Leaks: Memory leaks can pose significant security and reliability risks in software applications. The new function helps prevent memory leaks by explicitly releasing memory allocated for intermediate CA certificates when they are no longer required, thereby improving the robustness of cryptographic operations.
  3. Scalability and Performance: Optimal memory management contributes to improved scalability and performance of cryptographic applications. By freeing up memory resources, the code change enables applications to handle larger workloads more efficiently, leading to enhanced responsiveness and overall performance.

By incorporating the function to unload intermediate CA certificates, developers can optimize resource utilization and mitigate potential security risks associated with memory management issues. This not only enhances the reliability and stability of cryptographic applications but also contributes to the overall security resilience of the systems in which they are deployed.

If you have questions about any of the above, please contact us at facts@wolfSSL.com or call us at +1 425 245 8247.

Download wolfSSL Now

ML-KEM and ML-DSA at the CAVP

The CAVP (Cryptographic Algorithm Validation Program) now has testing available for ML-KEM (Kyber) and ML-DSA (Dilithium). Initial Draft standards for these algorithms have been released as FIPS-203 and FIPS-204 respectively.

You can find the various .json test cases here:

Whenever you’re ready, we’ll be able to do CAVP testing of our implementations of these algorithms. Let us know about your interest in this!

If you have questions about any of the above, please contact us at facts@wolfSSL.com or call us at +1 425 245 8247.

Download wolfSSL Now

Posts navigation

1 2 3 24 25 26 27 28 29 30 197 198 199