| field | value | date |
|---|---|---|
| author | Jack Lloyd <[email protected]> | 2016-09-05 13:51:40 -0400 |
| committer | Jack Lloyd <[email protected]> | 2016-09-05 13:51:40 -0400 |
| commit | e12a272f633f9571a2f96d8d9c3f6c379b4802a4 (patch) | |
| tree | 49594fede638a9483571ad9d8250dc02bd22d3a5 | |
| parent | e36523f55b0dee0b60238d5b75ca54f5a6a8542a (diff) | |
Update news and readme
| mode | file | lines changed |
|---|---|---|
| -rw-r--r-- | doc/news.rst | 25 |
| -rw-r--r-- | readme.rst | 6 |

2 files changed, 21 insertions, 10 deletions
diff --git a/doc/news.rst b/doc/news.rst index d4f1f090b..a2df6b46e 100644 --- a/doc/news.rst +++ b/doc/news.rst @@ -4,15 +4,26 @@ Release Notes Version 1.11.32, Not Yet Released ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ -* Add support for TLS Encrypt-then-MAC extension (GH #492 and #578) - which fixes the known issues in the TLS CBC-HMAC construction. +* Add support for the NewHope Ring-LWE key encapsulation algorithm. This scheme + provides an estimated ~200 bit security level against a quantum attacker while + also being very fast and requiring only modest message sizes of 1824 and 2048 + bytes for initiator and responder, resp. This version is tested as having + bit-for-bit identical output as the reference implementation by the authors. -* Add a new TLS Callbacks interface. Compatability with previous - versions is maintained. GH #457 and #567 + Be warned that NewHope is still a very new scheme and may yet fall to analysis. + For best assurance, it should be used only in combination with an existing key + exchange mechanism such as ECDH. -* The deprecated algorithms Rabin-Williams, Nyberg-Rueppel, MARS, RC2, - RC5, RC6, SAFER-SK, TEA, MD2, HAS-160, and RIPEMD-128 have been - removed. GH #580 +* Add support for TLS Encrypt-then-MAC extension (GH #492 and #578) which fixes + the known issues in the TLS CBC-HMAC construction. + +* Add a new TLS Callbacks interface. Compatability with previous versions is + maintained. The documentation has been updated accordingly. GH #457 and #567 + +* The deprecated algorithms Rabin-Williams, Nyberg-Rueppel, MARS, RC2, RC5, RC6, + SAFER-SK, TEA, MD2, HAS-160, and RIPEMD-128 have been removed. GH #580 + +* SSE2 optimizations for ChaCha, 60% faster on both Westmere and Skylake (GH #616) * The HMAC_RNG constructor added in 1.11.31 that took both an RNG and an entropy source list ignored the entropy sources. diff --git a/readme.rst b/readme.rst index 29547a098..a5cbf914e 100644 --- a/readme.rst +++ b/readme.rst 
@@ -165,9 +165,8 @@ Public Key Cryptography * RSA signatures and encryption * DH and ECDH key agreement -* DSA and ECDSA signatures -* Quantum computer resistant McEliece KEM scheme -* GOST-34.10-2001 +* Signature schemes DSA, ECDSA, ECGDSA, ECKCDSA, GOST 34.10-2001 +* Post-quantum KEM schemes McEliece (code based) and NewHope (Ring-LWE) * ElGamal encryption * Padding schemes OAEP, PSS, PKCS #1 v1.5, X9.31 @@ -199,6 +198,7 @@ Hash functions and MACs Other Useful Things ---------------------------------------- +* Interfaces for accessing PKCS #11 and TPM hardware * Key derivation functions for passwords, including PBKDF2 * Password hashing functions, including bcrypt and a PBKDF based scheme * General key derivation functions KDF1 and KDF2 from IEEE 1363 |
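Review bot: In the doc/news.rst hunk, the re-added TLS Callbacks bullet carries the spelling error "Compatability" over from the removed line; since the entry is being rewritten anyway, correct it to "Compatibility with previous versions is maintained." Two smaller points in the same hunk: the NewHope bullet is the only new entry without a GH reference, while every neighbouring bullet cites one (GH #492 and #578, GH #457 and #567, GH #580, GH #616), so add the PR number for consistency; and "bit-for-bit identical output as the reference implementation" reads better as "identical to the reference implementation", with "resp." spelled out as "respectively".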
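Review bot: In the first readme.rst hunk (@@ -165,9), the new line "Post-quantum KEM schemes McEliece (code based) and NewHope (Ring-LWE)" drops the hedging that the news.rst entry in this same commit attaches to NewHope (still a very new scheme, to be used only alongside an existing key exchange such as ECDH); a feature list that presents it on equal footing with McEliece invites readers to deploy it standalone, so either add a short qualifier here or point to the release note. Also, this hunk adds ECGDSA and ECKCDSA to the signature list, but the visible news.rst hunk contains no release note for them; if they are new in 1.11.32, add a bullet with the GH reference as done for the other features.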
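Review bot: In the second readme.rst hunk (@@ -199,6), "Interfaces for accessing PKCS #11 and TPM hardware" conflates an API with a device: PKCS #11 is a programming interface to tokens, not hardware itself, so "Interfaces for PKCS #11 tokens and TPM hardware" (or similar) is more accurate. The same consistency point applies as elsewhere in this commit: the feature is added to the readme but no corresponding entry appears in the visible news.rst hunk, so a release-note bullet with its GH reference would keep the two files in step.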