WolfSSL 2013 update – Chris Conlon

wolfSSL (formerly yaSSL) is a company of 10 spread over 6 places. CyaSSL is used in about 500M endpoints. All products are dual-licensed GPLv2 – commercial.

CyaSSL is absolutely small: 100K footprint for the full stack, can be pruned to 20K for a single TLS1.2 cipher suite. Consumes max 36K RAM per session. The crypto library (wolfCrypt) is also available separately.

wolfSSL JNI is a JNI wrapper around CyaSSL. Created because a customer wanted DTLS1.2 which Java currently doesn’t have – so they just wrapped the entire library.

wolfSCEP is a SCEP client that makes it possible to issue and revoke certificates.

New hash function: Blake2b, which is about as fast as md5 but has quality of sha256.

wolfSSL now uses the AES-NI instructions on Intel platforms, RNG on Freescale K microcontrollers and ST STM32.

Added support for persistent session and certificate caching (in a file or in memory).

It’s on track for FIPS 140-2 certification.


Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s