EDMONDS, Wash., March 26, 2019 /PRNewswire-PRWeb/ -- wolfSSL, a leading provider of TLS, cryptography and the world's first commercial TLS 1.3 release, announces FIPS 140-2 Certificate #3389 is posted. With this fresh new certification, wolfCrypt now supports hardware encryption in combination with FIPS and includes the most current TLS 1.3 algorithms. wolfSSL is the only TLS FIPS cert that can add new hardware encryption schemes as needed.
"The wolfSSL team solved extremely difficult problems for their FIPS 140-2 validated cryptography consumers," stated Mark Minnoch, KeyPair Consulting Co-Founder. "wolfCrypt is the only FIPS validated software library that works with TLS 1.3 and includes a validated entropy source for generating keys. This is a big deal. And, the wolfSSL support staff have the FIPS expertise to quickly include new hardware encryption solutions to meet future customer requirements."
Hardware encryption keeps the encryption/decryption process isolated, improving security and performance. A key is still required to start the encoding process, but it is generated randomly by the hardware processor itself. DRBG key generation can now be done within the FIPS boundary if you have a FIPS-approved entropy source such as Intel RDSEED. Other sources, such as alternative hardware, can be used as well if the hardware crypto source has been approved. wolfSSL adds hardware encryption to the certificate.
Cipher suites are documented sets of algorithms used for a TLS connection. The algorithms in a cipher suite usually include key exchange, signature, encryption and message authentication. wolfSSL has added new algorithms to certificates so that the common cipher suites can now be done with FIPS in TLS 1.3. AES-GCM is significant as it is the workhorse of the process. During a connection, most data goes through AES-GCM "bulk encryption". Another common cipher suite that is now part of the wolfSSL FIPS boundary is ECDHE-RSA-AES256-GCM-SHA384, and ECDSA is now within the wolfSSL FIPS boundary instead of RSA.
wolfSSL CTO and co-founder Todd Ouska stated, "Providing the most current FIPS 140-2 validated version of wolfCrypt with hardware encryption means that wolfSSL not only has support for TLS 1.3, but it also has the hardware encryption backbone to support your FIPS 140-2 performance needs."
wolfSSL is a TLS/SSL library that is targeted for embedded devices and systems. It has support for the TLS 1.3 protocol, which is a secure protocol for transporting data between devices and across the Internet. In addition, wolfSSL uses the wolfCrypt encryption library to handle its data encryption.
For more information on FIPS-Ready visit: https://www.wolfssl.com/license/fips/
The FIPS-enabled GPLv3 version will be available for download from our website.
Download wolfSSL under the GPLv2 license at:
https://github.com/wolfssl - or -
For licensing questions, contact licensing(at)wolfssl.com
wolfSSL focuses on providing security solutions with an emphasis on speed, size, portability, features, and standards compliance. Dual-licensed to cater to a diversity of users, we are happy to help our customers and community in any way we can. Our products are open source, giving customers the freedom to look under the hood. Our wolfSSL embedded TLS library is the first commercial release of TLS 1.3 in the world.