wolfssl year in review, 2013

YEAR IN REVIEW FOSDEM 2014 FEBRUARY 1, 2014

BRUSSELS, BELGIUM

© Copyright 2014 wolfSSL Inc.

Software Developer

Bozeman, MT, USA

CHRIS CONLON

© Copyright 2012 FishEyeGuyPhotography


10 employees in 3 countries. 500 million endpoints secured.

A GROWING COMPANY!


Tokyo, JPJoão Pessoa

BRAZIL

Bozeman, MT

Seattle, WA

Portland, OR

San Jose, CA

Over lots of different markets.

500 MILLION


Databases

Sensors VoIP

Smart Grid

Smart Energy

Factory Automation

Battlefield Communication

Automotive

Routers

Connected Home

M2M Games Appliances

Cloud Services

Internet of Things Applications

PRESENTATION OUTLINE

1. Our Products

2. What’s New

3. Questions & Wrap-Up


OUR PRODUCTS


CyaSSLLightweight SSL/TLS

wolfCryptCrypto Engine

yaSSLEWSEmbedded Web Server

wolfCrypt

wolfSSL JNICyaSSL Java Wrapper

SSL ProxyOn top of Squid Proxy

SSL Inspection

Secure memcached wolfSCEP

CyaSSL

LIGHTWEIGHT. PORTABLE. C-BASED.

ü  Up to TLS 1.2 and DTLS 1.2

ü  20-100 kB footprint

ü  1-36 kB RAM per session

ü  Long list of supported operating systems:

Lightweight SSL / TLS Library

CyaSSLLightweight SSL/TLS

wolfCrypt

SSL Inspection


Windows, Linux, Mac OS X, Solaris, ThreadX, VxWorks, FreeBSD, NetBSD, OpenBSD, embedded Linux, WinCE

Haiku, OpenWRT, iPhone (iOS), Android, Nintendo Wii and Gamecube through DevKitPro, QNX, MontaVista, NonStop

TRON/ITRON/uITRON, Micrium uC/OS, FreeRTOS, SafeRTOS, Freescale MQX, Nucleus, TinyOS, HP/UX, ARC MQX

…

wolfCrypt

PORTABLE MODULAR CRYPTOGRAPHY

ü  Previously called “CTaoCrypt”

ü  Working on splitting into separate product

ü  Progressive list of supported ciphers

ü  Modular design, assembly optimizations

Cryptography Engine

wolfCryptCrypto Engine


AES (CBC, CTR, CCM, GCM), DES, 3DES, Camellia, ARC4, RABBIT, HC-128

MD2, MD4, MD5, SHA-1, SHA-256, SHA-384, SHA-512, BLAKE2b, RIPEMD-160

RSA, ECC, DSS, DH, EDH, NTRU HMAC, PBKDF2, PKCS#5 ECDH-ECDSA, ECDHE-ECDSA, ECDH-RSA, ECDHE-RSA

…

yaSSLEWSEmbedded Web Server

yaSSLEWS

LOW RESOURCE, EMBEDDABLE, WEB SERVER

ü  Fast, easy-to-use webserver

ü  Small footprint (100kB with HTTPS)

ü  CGI, SSI, IP restrictions, logging, aliases

ü  Multiple operating environments supported

Embedded Web Server


wolfSSL JNICyaSSL Java Wrapper

wolfSSL JNI

BRINGING CYASSL TO JAVA USERS

ü  JNI wrapper around CyaSSL

ü  Current Java doesn’t support DTLS 1.2 ü  Users no longer need to write their own!

ü  Same licensing model – GPLv2 or commercial

CyaSSL Java Wrapper


NEW!

wolfSCEP

wolfSCEP

PORTABLE SCEP IMPLEMENTATION

ü  Issuing and revocation of certificates

ü  Protocol originally developed by CISCO

ü  Lightweight, portable SCEP implementation

ü  Uses wolfCrypt for crypto operations

ü  Currently under development

Simple Certificate Enrollment Protocol


NEW!

WHAT’S NEW? IN THE PAST YEAR.


I.  Protocol Enhancements II.  Crypto Additions / Changes III.  Library Control / Portability IV.  Examples and Documentation V.  Porting Progress VI.  Business News

•  Fix for Lucky13 Attack

•  DTLS 1.2 Support

•  DTLS reliability enhancements

PROTOCOL ENHANCEMENTS


Updated to match TLS 1.2 Addition of AEAD ciphers

Nadhem AlFardan, Kenneth Paterson

•  New TLS Extension Support:

PROTOCOL ENHANCEMENTS


Server Name Indication Max Fragment Length Truncated HMAC

Client can send name of server it is connecting to. Client can negotiate smaller maximum fragment size (default of 2^14). Use 80-bit truncated HMAC instead of using entire hash output as MAC

./configure --enable-tlsx!

•  SHA-3 Finalist BLAKE2b (256 – 512bit digests)

CRYPTO ADDITIONS / CHANGES


int InitBlake2b(…);!int Blake2bUpdate(…);!int Blake2bFinal(…);!

0

50

100

150

200

250

300

350

400

SHA-256 SHA-512 SHA BLAKE2b MD5

MB

/s

•  AES-CCM-8 crypto and cipher suites



./configure --enable-aesccm!!aes.c / aes.h!!void AesCcmSetKey(…);!void AesCcmEncrypt(…);!int AesCcmDecrypt(…);!

TLS_RSA_WITH_AES_128_CCM_8!TLS_RSA_WITH_AES_256_CCM_8!TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8!TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8!TLS_PSK_WITH_AES_128_CCM!TLS_PSK_WITH_AES_256_CCM!TLS_PSK_WITH_AES_128_CCM_8!TLS_PSK_WITH_AES_256_CCM_8!

•  Camellia crypto and cipher suites



./configure --enable-camellia!!!camellia.c / camellia.h!!int CamelliaSetKey(…);!int CamelliaSetIV(…);!void CamelliaEncryptDirect(…);!void CamelliaDecryptDirect(…);!void CamelliaCbcEncrypt(…);!void CamelliaCbcDecrypt(…);!

TLS_RSA_WITH_CAMELLIA_128_CBC_SHA!TLS_RSA_WITH_CAMELLIA_256_CBC_SHA!TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256!TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256!TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA!TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA!TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256!TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256!

•  SHA-384 cipher suites

•  HMAC now supports SHA-512

•  AES-NI support for AES-CCM and AES-GCM



•  PKCS #7 (Cryptographic Message Syntax)

•  PKCS #10 (Certificate Signing Request)



ü  Used to sign / encrypt messages

ü  Request certificate of public key from CA

•  Persistent session cache

LIBRARY CONTROL / PORTABILITY


./configure --enable-savesession!!!/* using files */!int CyaSSL_save_session_cache(const char*);!int CyaSSL_restore_session_cache(const char*);!!!/* using buffers */!int CyaSSL_memsave_session_cache(void*, int);!int CyaSSL_memrestore_session_cache(const void*, int);!int CyaSSL_get_session_cache_memsize(void);!

•  Persistent CA certificate cache



./configure --enable-savecert!!!/* using files */!int CyaSSL_CTX_save_cert_cache(CYASSL_CTX*, const char*);!int CyaSSL_CTX_restore_cert_cache(CYASSL_CTX*, const char*);!!!/* using buffers */!int CyaSSL_CTX_memsave_cert_cache(CYASSL_CTX*, void*, int, int*);!int CyaSSL_CTX_memrestore_cert_cache(CYASSL_CTX*, const void*, int);!int CyaSSL_CTX_get_cert_cache_memsize(CYASSL_CTX*);!

•  Atomic record callbacks

•  Public key callbacks



ü  MAC / Encrypt ü  Decrypt / Verify

ü  ECC sign & verify ü  RSA sign & verify ü  RSA encrypt & decrypt

**Can be useful when offloading to hardware module

•  Ability to unload keys and certificates



int CyaSSL_CTX_UnloadCAs(CYASSL_CTX*);!int CyaSSL_UnloadCertsKeys(CYASSL*);!!int CyaSSL_CertManagerUnloadCAs(CYASSL_CERT_MANAGER* cm);!

•  Enhanced example applications

ü  Track stack usage

ü  Track memory allocation

ü  Better IPv6 support

EXAMPLES AND DOCUMENTATION


./examples/client/client –t!

./examples/server/server -t!

./configure --enable-stacksize!

./configure --enable-ipv6!

•  Updated API documentation



•  New CyaSSL Porting Guide



•  Microchip PIC32MX and PIC32MZ

•  Microchip TCP/IP V6 support

•  Microchip Harmony support

PORTING PROGRESS


•  Freescale RNGA and RNGB support

•  Freescale mmCAU support

PORTING PROGRESS


#define FREESCALE_K70_RNGA!#define FREESCALE_K53_RNGB!

#define FREESCALE_MMCAU!

PORTING PROGRESS


Freescale K60 TWR (100 MHz)

Software Crypto Software Hardware Percent IncreaseAES 25 kB took 0.050 seconds, 0.49 MB/s 2.71 MB/s 453% (5.5x)DES 25 kB took 0.080 seconds, 0.31 MB/s 3.49 MB/s 1025% (11.3x)DES3 25 kB took 0.204 seconds, 0.12 MB/s 1.74 MB/s 1350% (14.5x)MD5 25 kB took 0.006 seconds, 4.07 MB/s 4.88 MB/s 19.9% (1.2x)SHA 25 kB took 0.014 seconds, 1.74 MB/s 2.71 MB/s 55.7% (1.6x)SHA-256 25 kB took 0.021 seconds, 1.16 MB/s 2.22 MB/s 91.4% (1.9x)

PORTING PROGRESS


0

1

2

3

4

5

6

AES DES DES3 MD5 SHA SHA-256

MB

/ se

c.

Kinetis K60 mmCAU vs. CTaoCrypt Software

Software

Hardware

•  Cavium NITROX

•  HP/UX

•  Better ThreadX support + NetX I/O callbacks

PORTING PROGRESS


#define THREADX!#define HAVE_NETX!

•  STM32F2 support, hardware crypto and RNG integration

PORTING PROGRESS


0

5

10

15

20

25

AES DES 3DES MD5 SHA

MB

/sec

STM32F217 (ARM Cortex-M3, 120 MHz )

Software Crypto

Hardware Crypto

•  KEIL MDK-ARM support

•  KEIL MDK5 software pack

PORTING PROGRESS


BUSINESS NEWS A STORY OF GROWTH AND SUCCESS


•  Name Change!

BUSINESS NEWS


•  More developers!

•  Increased onsite consulting activity

•  Launched our Kickstart consulting service

BUSINESS NEWS


•  Began FIPS 140-2 validation with wolfCrypt

BUSINESS NEWS


ü  Federal Information Processing Standard ü  NIST Publication 140-2 ü  Requires additional documentation, power-on self tests, etc.

•  Moved to Zendesk to better handle customer support

BUSINESS NEWS


THANKS! WOLFSSL

[email protected]

+1 (425) 245 - 8247


CHRIS CONLON

[email protected]

wolfssl year in review, 2013

Technology

aesgcm copyright

usa copyright

nonstop copyright

commercial copyright

development copyright

belgium copyright

crypto additions changes

c camellia