Mocana products are built for developers, OEMs and ISVs. DSF for Android, NanoSSH and other products are not finished security applications usable by IT personnel or end users.
Please fill out the form below. All fields are required.
First Name
Last Name
Company
Job Title
Phone
State
Email	Your Privacy
Country
Embedded security code packages can only be delivered to valid business email addresses.
When is your project starting?
What is your target OS/CPU?

	I'd like to receive email updates and news from Mocana*

	I have read the Mocana Terms and Conditions
Form Source: Lead Source:

COST COMPARISON:
Mocana vs Open Source

Features & Benefits

Complete solution gives you all the protocols and algorithms you need to secure wireless devices.

Small footprint, high performance.

Dramatically speeds integration & testing of WPA2, SSL, EAP & RADIUS functionality into your product.

NSA “Suite B” cryptography included.

Guaranteed “GPL-Free” code protects your intellectual property.

Zero-threaded, asynchronous architecture.

RTOS neutral and transport agnostic.

Hardware/driver layer abstraction.

Expert development support from Mocana engineers.

In NanoWireless, Mocana delivers a standards-based, full featured security solution that device manufacturers and ISVs can use to build wireless connectivity agents (Wi-Fi supplicants) for different endpoints like netbooks and laptops as well as embedded devices used in medical, industrial and smartgrid environments.

Networking device OEMs can use NanoWireless to build highly scalable security into endpoint termination devices like enterprise wireline switches, wireless access points and Wi-MAX ASN (Access Service Network) gateways. Our integrated RADIUS client allows thousands of end points to be authenticated simultaneously by communicating with RADIUS servers deployed throughout the network.

Device manufacturers and OEMs now have an off-the-shelf solution for integrating security into their designs. The cryptographic libraries included with NanoWireless carry a FIPS 140-2 level 1 government certification and offer full support for NSA’s Suite B algorithms, letting you sell your devices into government and contractor accounts that were previously unavailable to commercial vendors.

Like all Mocana products, NanoWireless is easy to integrate and written in ANSI C, with out-of-the-box support for more than 1000 CPU/OS combinations. It’s super- small footprint and unique asynchronous architecture allows you to leverage integrated crypto acceleration hardware available on many of today’s popular CPU platforms.

But building secure wireless products isn’t just about WPA2 - lots of other protocols are needed, too. That’s why NanoWireless includes strong, easy-to- use implementations of the SSL/TLS, RADIUS, and EAP security protocols, as well as a complete certificate issuing and management engine.

NanoWireless provides all the functions necessary to create fully 802.11i-compliant station management entity (SME) and provides backward compatibility with WEP and WPA. The SME can establish a secure association with a defined access point (AP) in infrastructure mode (ESS), and be part of a wireless robust secure network (RSN). Additionally, Mocana NanoWireless enables you to perform preauthentication to support speedy handover from AP to AP. And it’s all available in full source code, or as binaries for virtually any CPU/OS combination you can possibly imagine.

Wireless Endpoint Security
Home, enterprise and operator networks all commonly use wireline and wireless technologies to provide connectivity to the Internet. Frequently these networks carry converged voice, video and data traffic simultaneously.

To protect wireline networks the IEEE developed 802.1X, which provides port-based network access control. It allows every device connected to a Ethernet port to be first authenticated, and only then then allowed to use network connectivity. Wired Equivalent Privacy (WEP) was the early standard developed for wireless security, but it was quickly compromised, and the Wi-Fi alliance introduced “Wi-Fi Protected Access” (WPA) as an alternative. IEEE 802.11i amended the 802.11 standard to specify security mechanisms for wireless networks and now the Wi-FI alliance refers to their approved, interoperable implementation of the full 802.11i as WPA2.

Broadband wireless technologies like Wi-MAX and LTE also use EAP-based authentication of the subscriber stations. Typically EAP runs from a user entity to an MME (Mobile Management Entity) or ASN gateway.

Until recently, if you were designing or building any of these types of devices, you have to cobble together your own security implementations from scratch, using a combination of open source code and anything else you could find. You were on your own when it came to interoperability testing, and it helped a lot if you had a security expert handy, too. Building security into wireless products was difficult, time-consuming and expensive.

But now there’s NanoWireless.

Wireless Device Security Framework

Untitled Document

Supported processor platforms:

Awards and Certifications

Nominations
2010 Spiffy Awards Nominee

NanoWireless™ Features

Very High Performance
NanoWireless, like all of Mocana’s device security solutions, is designed with an asynchronous core to fully leverage hardware acceleration. Mocana’s code easily outperforms open source implementations, especially when supported on-chip crypto-offload hardware is available.

Full (not partial) IETF RFC Compliance:

IEEE Std 802.11™, 1999 Edition
IEEE Std 802.11i™™-2004
802.1X
IETF Draft: draft-nourse-scep-14.txt
X.509 v3 certificate
X.509 v2 CRL format
RFC-1994, PPP Challenge Handshake Authentication Protocol (CHAP)
RFC-2246, TLS Protocol Version 1.0
RFC-2284, PPP Extensible Authentication Protocol (EAP)
RFC-2560 Online Certificate Status Protocol - OCSP
RFC-2616, Hypertext Transfer Protocol - HTTP/1.1
RFC-2617, HTTP Authentication: Basic and Digest Access
RFC-2716, PPP EAP TLS Authentication Protocol
RFC-2759, Microsoft PPP CHAP Extensions Version 2
RFC-2865, Remote Authentication Dial In User Service (RADIUS)
RFC-2866, RADIUS Accounting
RFC-2945, The SRP Authentication and Key Exchange System
RFC-3268, AES Ciphersuites for Transport Layer Security
RFC-3280’s X.509 certificate and CRL profiles
RFC-3546, Transport Layer Security Extensions (partially supported)
RFC-3576, Dynamic Authorization Extensions to Remote Authentication Dial In User Service (RADIUS)
RFC-3579, RADIUS (Remote Authentication Dial In User Service) Support for Extensible Authentication Protocol (EAP)
RFC-3580, IEEE 802.1x Remote Authentication Dial In User Service (RADIUS) Usage Guidelines
RFC-3748, Extensible Authentication Protocol (EAP)
RFC-4137, State Machines for Extensible Authentication Protocol (EAP) Peer and Authenticator
RFC-4186, Extensible Authentication Protocol Method for Global System for Mobile Communications (GSM)
RFC-4187, Extensible Authentication Protocol Method for 3rd Generation Authentication and Key Agreement (EAP-AKA)
RFC-4279, Pre-Shared Key Ciphersuites for Transport Layer Security
RFC-4346, TLS 1.1
RFC 4492: Elliptic Curve Cryptography (ECC) Cipher Suites for Transport Layer Security (TLS)
RFC 5246: The Transport Layer Security (TLS) Protocol Version 1.2
RFC 5288: AES Galois Counter Mode (GCM) Cipher Suites for TLS
RFC 5289: TLS Elliptic Curve Cipher Suites with SHA-256/384 and AES Galois Counter Mode (GCM)
RFC 5430: Suite B Profile for Transport Layer Security (TLS)
Subscriber Identity Modules (EAP-SIM)
EAP-PEAP (v0, v1, v2), all drafts-draft-josefsson-pppext-eap-tls-eap-07.txt and draft-josefsson-pppext-eap-tla-eap-10.txt
EAP-TTLS (v0,v1), all drafts-draft-ietf-pppext-eap-ttls-02.txt
EAS PSK draft-draft-bersani-eap_psk-11.txt
EAP FAST draft-draft-cam-winget-eap-fast-03.txt

Rich Cryptography Algorithm/Construct Support

DES
3DES
AES
ARCFOUR
Diffie-Hellman
RSA
PKCS #1, Version 1.5
PKCS #5
PKCS #7
PKCS #8
PKCS #10
PKCS #12
MD2
MD4
MD5
SHA1
SHA-224
SHA-256
SHA-384
SHA-512
RC2
RC4

Authentication Support

OTP (one time password)
GTC (generic token card)
MS-CHAP-V2 (Microsoft version of the Challengehandshake authentication protocol)
TLS (transport layer security)
TTLS v0 and v1
SIM (subscriber identity module)
AKA (authentication and key agreement)
SRP (secure remote password)
LEAP (lightweight extensible authentication protocol, developed by Cisco Systems)
PEAP v0/v1/v2 (protected extensible authentication protocol)
FAST (flexible authentication via secure tunneling)
RADIUS (remote authentication dial in user service)
MD5
PAP
CHAP
Multiple Challenge-Response Authentication—ideal for SSH keyboard interactive authentication or token ID-based authentication.

Extra-Flexible SSLv3 and TLS 1.0 Cipher Support

TLS-RSA-WITH-AES-256-CBC-SHA
TLS-RSA-WITH-AES-128-CBC-SHA
TLS-RSA-WITH-ARCFOUR-128-MD5
TLS-RSA-WITH-ARCFOUR -128-SHA
TLS-RSA-WITH-3DES-EDE-CBC-SHA
TLS-RSA-WITH-DES-CBC-SHA
TLS-DHE-RSA-WITH-AES-256-CBC-SHA
TLS-DHE-RSA-WITH-AES-128-CBC-SHA
TLS-DHE-RSA-WITH-3DES-EDE-CBC-SHA
TLS-DHE-RSA-WITH-DES-CBC-SHA
TLS-DH-ANON-WITH-AES-256-CBC-SHA
TLS-DH-ANON-WITH-AES-128-CBC-SHA
TLS-DH-ANON-WITH-ARCFOUR -128-MD5
TLS-DH-ANON-WITH-3DES-EDE-CBC-SHA
TLS-DH-ANON-WITH-DES-CBC-SHA
TLS-PSK-WITH-AES-256-CBC-SHA
TLS-PSK-WITH-AES-128-CBC-SHA
TLS-PSK-WITH-ARCFOUR-128-SHA
TLS-PSK-WITH-3DES-EDE-CBC-SHA
TLS-RSA-PSK-WITH-AES-256-CBC-SHA
TLS-RSA-PSK-WITH-AES-128-CBC-SHA
TLS-RSA-PSK-WITH-ARCFOUR-128-SHA
TLS-RSA-PSK-WITH-3DES-EDE-CBC-SHA
TLS-DHE-PSK-WITH-AES-256-CBC-SHA
TLS-DHE-PSK-WITH-AES-128-CBC-SHA
TLS-DHE-PSK-WITH-ARCFOUR-CBC-SHA
TLS-DHE-PSK-WITH-3DES-EDE-CBC-SHA
TLS-RSA-WITH-NULL-SHA
TLS-RSA-WITH-NULL-MD5
TLS_ECDHE_ECDSA_WITH_AES_128_GCM_ SHA256
TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256
TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA
TLS_ECDHE_ECDSA_WITH_AES_256_GCM_ SHA384
TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384
TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA
TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384

Suite B Algorithms

AES with key sizes (128 256 bits)
ECDSA using curves with 256 and 384 bits
ECDH using curves with 256 and 384 bits
SHA-256 and SHA-384

Untitled Document

Supported processor platforms:

Awards and Certifications

Nominations
2010 Spiffy Awards Nominee

NanoWireless™ Benefits

Works Where Others Won’t
NanoWireless fits into the smallest memory footprints where other security implementations simply can’t... and open-source packages can’t match Mocana’s throughput performance.

GPL-Free Code
NanoWireless is usually less expensive than “free” open source code, especially when engineering, testing and support costs are factored in. Since we guarantee that NanoWireless contains absolutely no GPL code, you can be confident your intellectual property won’t accidentally become public domain because of “GPL contamination”— something open source projects can’t do.

Complete Solution
There are other WPA2 packages out there. But almost all of them are incomplete—missing critical standards, algorithms or code that you’ll need to finish your wireless security implementation. Only NanoWireless offers everything you need together in one package, to get the job done right—and fast. Guaranteed.

Platform Independent
NanoWireless, like all of Mocana’s device security toolkits, is CPU-architecture and platform independent. NanoWireless is immediately available for over 30 operating systems and 70 processors. Platforms supported out-of-the-box include Linux, Monta Vista Linux, VxWorks, OSE, Nucleus, Solaris, ThreadX, Windows, MacOS X, (ARC) MQX, pSOS, and Cygwin. NanoSSL is endian-neutral, and can be used without an RTOS if required.

No Crypto Expertise Required
NanoWireless features an extremely powerful, but simple and easy-to-use API. That’s because we built it for ease-of-use and ease of installation from the ground up. You don’t need to be a crypto expert, because NanoWireless hides all of the complexity of the cryptography. You can focus on your development project, and let NanoWireless worry about the security. Plus Mocana’s developer support team is always available to answer your questions about our toolkits or embedded development in general.

Dramatically Speeds Your Development Cycle
NanoWireless is a ready-made, pre-optimized and exhaustively tested security solution that frees your in-house development resources to focus on what’s really important: the functionality of your project. NanoWireless’ advanced, well-documented APIs speed development & integration efforts and significantly ease customization. NanoWireless allows you to develop proprietary systems while giving you the freedom to substitute in the commercially-available components you choose. And real engineers on Mocana’s world-class developer support team are always on-call to help you.

FIPS Certified with NSA Suite B Support
All government agencies and most contractors require FIPS-certification of cryptographic engines - a difficult certification to achieve. NanoWireless’ core cryptographic engine is available to you in source, or as a government-certified FIPS 140-2 Level 1 validated binary. Both source and binary versions include full support for NSA’s Suite B algorithms, providing secure communications between high-assurance (classified) and basic-assurance systems. Untitled Document

Supported processor platforms:

Awards and Certifications

Nominations
2010 Spiffy Awards Nominee

Which NanoWireless™ Edition is Right for You?


FEATURES	NanoWireless Supplicant	NanoWireless Advanced
WPA2 Supplicant
Suite B support
FIPS binaries available
SSL/TLS server
SSL/TLS client
EAP Supplicant
EAP Authenticator
X.509 v3 Certificate Management SCEP Client
OCSP based On-Line Certificate Status Protocol checking
X.509 v2 CRL support
RADIUS client

Untitled Document

Supported processor platforms:

Awards and Certifications

Nominations
2010 Spiffy Awards Nominee

NanoWireless™ Architecture

NanoWireless is part of the Mocana Device Security Framework, designed to secure all aspects of any connected device. All components of the Device Security Framework are built on a common architecture and share a common API and code base. As a device designer, you can choose only the components you need for your particular project... or standardize company-wide on the DSF, future-proofing your investment with this broad, cross platform, flexible and extensible security architecture.

Untitled Document

Supported processor platforms:

Awards and Certifications

Nominations
2010 Spiffy Awards Nominee

DHTML Menu By Milonic JavaScript