|
|
www.design-reuse-embedded.com |
Arm's embedded TLS library fixes man-in-the-middle fiddle
IoT security helper is vulnerable to attacks by malicious peers
Richard Chirgwin , Aug. 31, 2017 –
Arm's "mbed TLS" software can be tricked into an authentication bypass and needs a patch.
Created by PolarSSL, which was acquired in February by Arm, mbed is a crypto library designed to make it easy for embedded system developers to add SSL/TLS capabilities to their products.
As well as client-server models (that is, an embedded IoT device talking to a server), mbed also lets peer devices set up TLS sessions between each other.
Click here to read more ...