JAVA Toolkit
| home | contact

Home > News > iSaSiLk 5.107 released!


Left menu


News Menu

Latest News

iSaSiLk 5.107 released!

13/12/2017

iSaSiLk 5.107 has improved its countermeasure against variants of the PKCS#1 Bleichenbacher attack and adds support for the Application Layer Protocol Negotiation (ALPN) extension!

IAIK-JCE 5.5 released!

29/08/2017

IAIK-JCE 5.5 fixes a signature algorithm name incompatibility in JSSE algorithm constraint checking, implements SHA-3 based signature and HMAC algorithms, and adds throughout support for using the IAIK provider without the necessity of installing it within the JCA/JCE Security framework.

References

Our Clients


iSaSiLk 5.107 released!

13/12/2017

Recently a new variant of the PKCS#1 attack of Daniel Bleichenbacher has been published (https://robotattack.org/). Although testing with the provided tool showed that iSaSiLk 5.106 was not vulnerable against this ROBOT (Return Of Bleichenbacher's Oracle Threat)  attack we decided to improve the Bleichenbacher attack countermeasure to make it even more (timing) resistent. This improved countermeasure is now available with the new iSaSiLk 5.107 library.

Furthermore iSaSiLk 5.107 adds support for the Application Layer Protocol Negotiation (ALPN) extension (RFC 7301) allowing to negotiate the application layer protocol within the TLS handshake.

Please look at the iSaSiLk product page and visit our download center to get the new versions.

Kind regards,
Your SIC/IAIK Java Security Team!


 
print    tip a friend
back to previous page back  |  top to the top of the page