Participate Now | curl User Survey 2024
wolfSSL Blog
by Shizuka Ishikiriyama
10h ago
We are excited to announce the opening of the 11th annual curl user survey 2024. As part of our ongoing commitment to enhance your experience and adapt to community needs, we invite all curl and libcurl users to share their invaluable feedback. Take the Survey This survey serves as the primary channel to connect with url and libcurl users, understanding their views and preferences without any tracking, cookies, or advertisements on our website. Your participation helps us maintain our privacy-focused user feedback tools, ensuring that we respect your digital space while gathering essential ins ..read more
Visit website
MQTT v5.0 versus v3.1.1
wolfSSL Blog
by Shizuka Ishikiriyama
22h ago
wolfMQTT was updated to support the draft MQTT v5.0 version of the specification in 2018. The specification was finalized in 2019, and wolfSSL has been a proponent of the new version ever since! Enhanced Session Management: MQTT v5.0 introduces improved session management, allowing clients to resume sessions seamlessly. This feature ensures continuity and reliability, especially in scenarios where connections may be unstable or intermittent. Extended Message Properties: Version 5.0 introduces extended message properties. These properties offer richer metadata for messages, enabling more s ..read more
Visit website
WolfSSL now supported on PlatformIO
wolfSSL Blog
by Shizuka Ishikiriyama
2d ago
The best encryption libraries are now available on the PlatformIO environment! At wolfSSL, we continue to embrace rapid prototyping environments, including Arduino, Visual Studio, and now PlatformIO for VS Code, among other IDE applications. There are hundreds of boards supported by PlatformIO on numerous frameworks and platforms. We are providing two different Official wolfSSL libraries: standard and another specifically for Arduino: wolfssl/wolfSSL wolfssl/Arduino-wolfSSL There are also two different versions: the stable release versions (above) and these staging updates, with the latest ..read more
Visit website
What is the difference between AES and ECC?
wolfSSL Blog
by Shizuka Ishikiriyama
2d ago
AES (Advanced Encryption Standard) and ECC (Elliptic Curve Cryptography) are both cryptographic algorithms used for securing data, but they operate in different ways and serve different purposes: AES (Advanced Encryption Standard) AES is a symmetric encryption algorithm, meaning the same key is used for both encryption and decryption. It operates on blocks of data and is commonly used for encrypting large amounts of data, such as files or entire hard drives. AES is widely adopted and considered secure when used with sufficiently long keys (128, 192, or 256 bits). Code Size: The code size for ..read more
Visit website
WolfCrypt JCE Provider and JNI Wrapper 1.6.0 Now Available
wolfSSL Blog
by Shizuka Ishikiriyama
2d ago
wolfCrypt JNI/JCE 1.6.0 is now available for download! wolfCrypt JNI/JCE provides Java-based applications with an easy way to use the native wolfCrypt cryptography library. The thin JNI wrapper can be used for direct JNI calls into native wolfCrypt, or the JCE provider (wolfJCE) can be registered as a Java Security provider for seamless integration underneath the Java Security API. wolfCrypt JNI/JCE also supports running on top of wolfCrypt FIPS 140-2 and the upcoming wolfCrypt 140-3 modules for easy conformance to FIPS cryptography requirements in your Java-based application or service. Relea ..read more
Visit website
Elevate Your Cybersecurity Skills: Master wolfSSL, DTLS 1.3, and FIPS with Comprehensive Training Videos
wolfSSL Blog
by Shizuka Ishikiriyama
5d ago
In today’s fast-paced world, staying ahead of the curve isn’t just advantageous—it’s essential. Continuous learning is key to personal and professional growth. At wolfSSL, we recognize this need, which is why we host webinars featuring tailored training courses for various skill levels. Our software engineers guide you through the fundamentals to advanced features, empowering you to master wolfSSL, DTLS 1.3, and wolfCrypt FIPS. wolfSSL 2 Parts Training Elevate your cybersecurity expertise with wolfSSL. Join wolfSSL Engineering Manager Chris Conlon for comprehensive sessions tailored to both no ..read more
Visit website
Join Our Live Webinar: Benchmarks with wolfSSL
wolfSSL Blog
by Shizuka Ishikiriyama
5d ago
Get excited for the upcoming webinar on ‘Benchmarks with wolfSSL,’ scheduled for May 16th at 10am PT. Led by wolfSSL Senior Software Engineer Jacob Barthelmeh, this session is set to be a deep dive into SSL/TLS performance optimization techniques. During the webinar, Jacob will demonstrate how the wolfSSL embedded SSL/TLS library excels in various hardware devices and environments, providing detailed insights into cryptographic performance analysis. Mark your calendars for May 16th at 10am PT Sneak peek into the webinar agenda: Analyzing Performance History in Cryptography Evaluating Cryptogr ..read more
Visit website
WolfSSL JSSE Provider and JNI Wrapper 1.13.0 Now Available
wolfSSL Blog
by Shizuka Ishikiriyama
1w ago
wolfSSL JNI/JSSE 1.13.0 is now available for download! wolfSSL JNI/JSSE provides Java-based applications with an easy way to use the native wolfSSL SSL/TLS library. The thin JNI wrapper can be used for direct JNI calls into native wolfSSL, or the JSSE provider (wolfJSSE) can be registered as a Java Security provider for seamless integration underneath the Java Security API. wolfSSL JNI/JSSE provides TLS 1.3 support and can also support running on top of wolfCrypt FIPS 140-2 and the upcoming wolfCrypt 140-3 modules. Release 1.13.0 contains a significant number of bug fixes, changes, and new fea ..read more
Visit website
Vulnerability Disclosure: wolfSSH (CVE-2024-2873)
wolfSSL Blog
by Shizuka Ishikiriyama
1w ago
Affected Users: Anyone using wolfSSH server versions prior to release v1.4.17. Summary: It is possible for a malicious client to bypass user authentication when logging into a wolfSSH server. The wolfSSH server was not rigorous about checking the current state of the key exchange when handling channel open messages. wolfSSH’s example echoserver and the wolfSSHd server will not allow one to obtain a shell as root or any other user. By skipping the user authentication, the user’s login name won’t be set, and the server will error out because it cannot find the user’s home directory. At this poin ..read more
Visit website
WolfSSH, SHA-1, and Configuration
wolfSSL Blog
by Shizuka Ishikiriyama
1w ago
wolfSSH is following the industry common practice of removing SHA-1 as a default configuration option. SHA-1 has been considered broken for a while now and shouldn’t be used for security purposes. [RFC 8332](https://datatracker.ietf.org/doc/html/rfc8332) recognizes this for the SSH protocol and offers new RSA-based algorithms for signing authentication messages. In the wolfSSH v1.4.15 release, we were heavy-handed when it came to disabling SHA-1 and removed it from the compile using a preprocessor flag. There was an option to add it back in, but its use wasn’t clear. This was a mistake. For wo ..read more
Visit website

Follow wolfSSL Blog on FeedSpot

Continue with Google
Continue with Apple
OR