JAVA Toolkit
| home | contact

Home > News > Security Advisory: Secure Renegotiation with iSaSiLk


Left menu


News Menu

Latest News

IAIK-JCE 5.60 and IAIK [CP]AdES 2.4 released!

06/09/2019

IAIK-JCE 5.60 introduces a "subsidiary" provider as workaround for fixing a JDK JSSE MessageDigest Cloneable bug. IAIK [CP]AdES 2.4 fixes a bug in the AtsHashIndexv3 ASN.1 representation.

ECCelerate 6.01 released!

03/09/2019

We proudly present a new maintenance release of our IAIK ECCelerate™ elliptic curve library! Version 6.01 fixes minor bugs and streamlines ECPoint return types as well as other improvements. IAIK ECCelerate™ is based on Java 6 technology and has been thoroughly optimized for speed. Currently, it supports ECDSA, EdDSA, ECDH, X25519/448, ECIES and optionally ECMQV.

References

Our Clients


Security Advisory: Secure Renegotiation with iSaSiLk

22/02/2010

iSaSiLk v4.4 now supports the new RenegotiationInfo extension (RFC 5746) that has been specified by the IETF TLS working group to fix a severe security flaw in the SSL/TLS renegotiation protocol.
Full protection can only be achieved by no more allowing any SSL/TLS communication with unpatched client/servers that do not support the RenegotiationInfo extension yet. Since it may take a certain transition period until the majority of all SSL/TLS applications will be able to perform secure renegotiation, the new iSaSiLk release also contains a special version allowing legacy renegotiation with unpatched peers.
However, we strongly recommend to ugrade to iSaSiLk v4.4 as soon as possible, both for security and interoperability reasons. More and more SSL/TLS applications will integrate support for the RenegotiationInfo extension and sooner or later may start to strictly refuse any communication with peers that are not able to handle the new extension.

Please download the new iSaSiLk version and carefully read the included information about secure renegotiation support.

Kind regards
 Your SIC/IAIK Java Security Team!


 
print    tip a friend
back to previous page back  |  top to the top of the page