Home > Products > Communication & Messaging Security > iSaSiLk
Stiftung Secure Information and Communication Technologies SIC
Left menu
News Menu
Latest News
ECCelerate 2.10 is out!
28/05/2013
We proudly present a new release of our new IAIK ECCelerate™ elliptic curve library! Version 2.10 brings along new curves, performance improvements and some minor bugfixes! It is based on the latest standards and replaces our old IAIK-ECC library. IAIK ECCelerate™ is based on Java 5/6 technology and has been thoroughly optimized for speed. Currently, it supports ECDSA, ECDH, ECIES and optionally ECMQV.
New versions of IAIK-JCE and iSaSiLk!
29/03/2013
We have released new versions of our core crypto and SSL/TLS libraries:
IAIK-JCE 5.1
iSaSiLk 4.5
References
Our Clients
iSaSiLk
The Secure Sockets Layer (SSL) protocol has been developed by Netscape Communications Corporation for providing a secure data transfer over the Internet in supporting peer authentication, data encryption and data integrity. The version 3 of the Secure Sockets Layer protocol and its IETF standardized successor TLS (Transport Layer Security) are the most important protocols for encrypted data transfer over the WWW, supported by all well-known browsers, such as Microsoft Internet Explorer, Mozilla Firefox, Netscape and Opera.
IAIK-iSaSiLk is a Java™ programming language implementation of the SSLv2 (client-side), SSLv3, TLS 1.0 and TLS 1.1 protocols. It supports all defined cipher suites (except for Fortezza), including all AES and PSK cipher suites. iSaSiLk implements all standard TLS extensions, comes with an easy to use API and operates on top of the IAIK-JCE Java™ Cryptography Extension. iSaSiLk is highly configurable and will work with any alternative JCE implementation supported by a proper provider for supplying the required cryptographic algorithms.
Security Advisory
iSaSiLk v4.4 now supports the new RenegotiationInfo extension (RFC 5746) that has been specified by the IETF TLS working group to fix a severe security flaw in the SSL/TLS renegotiation protocol. Full protection can only be achieved by no more allowing any SSL/TLS communication with unpatched client/servers that do not support the RenegotiationInfo extension yet. Since it may take a certain transition period until the majority of all SSL/TLS applications will be able to perform secure renegotiation, the new iSaSiLk release also contains a special version allowing legacy renegotiation with unpatched peers. However, we strongly recommend to ugrade to iSaSiLk v4.4 as soon as possible, both for security and interoperability reasons. More and more SSL/TLS applications will integrate support for the RenegotiationInfo extension and sooner or later may start to strictly refuse any communication with peers that are not able to handle the new extension.Please download the new iSaSiLk version and carefully read the included information about secure renegotiation support.
Release notes
- Using iSaSiLk with Smartcards
- iSaSiLk and RMI Notes
- The iSaSiLk SecurityProvider Model
- iSaSiLk and HTTPS
- iSaSiLk certificates and authentications
- iSaSiLk interoperability and SSL v2 notes
- iSaSiLk and Secure Renegotiation
- iSaSiLk and PSK cipher suites
- iSaSiLk and TLS extensions
- iSaSiLk and the SessionTicket extension
Test the SSL/TLS-capabilites of your browser or any server!
Prices and Conditions
For current prices of iSaSiLk, please see our
price list
and
license conditions
.
iSaSiLk is free for educational and research prurposes, please see our
educational/research
license conditions.
You can order the product directly from webshop .
Please download the new iSaSiLk version and carefully read the included information about secure renegotiation support.
