author Jack Lloyd <[email protected]> 2016-10-13 14:36:28 -0400
committer Jack Lloyd <[email protected]> 2016-10-13 14:36:28 -0400
commit 30c85ac981fdad46639ce02aa7e8612601fc5245
tree 57f2b22d4b3bbaf21a9849f724fd5f8c86544c4e /doc
parent 837ff4ee24cb302da0a17e07ebab8ab1ef9204ca
Add OS2ECP benchmark.
Turns out decompressing a point is ~50x slower than checking (x,y) is on the curve. Update relnote accordingly.
Diffstat (limited to 'doc')
-rw-r--r-- doc/news.rst 8
1 files changed, 2 insertions, 6 deletions
diff --git a/doc/news.rst b/doc/news.rst
index ad3015082..80a8457e3 100644
--- a/doc/news.rst
+++ b/doc/news.rst
@@ -13,12 +13,8 @@ Version 1.11.33, Not Yet Released
* Add support for the TLS Supported Point Formats Extension from RFC 4492. Adds
TLS::Policy::use_ecc_point_compression policy option. If supported on both
- sides, ECC points can be sent in compressed format, which both saves a few
- bytes on the wire and is an inexpensive way of avoiding invalid curve attacks.
- For uncompressed points Botan already checks that the point is on the curve so
- invalid curve attacks are not possible in either situation, but the point
- decompression will typically be cheaper than verifying the point is on the
- curve. (GH #645)
+ sides, ECC points can be sent in compressed format which saves a few bytes
+ during the handshake. (GH #645)
* Fix entropy source selection bug on Windows, which caused the CryptoAPI
entropy source to be not available under its normal name "win32_cryptoapi" but
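Review bot: The replacement text ("ECC points can be sent in compressed format which saves a few bytes during the handshake") removes more than the cost claim the benchmark disproved: it also drops the statement that uncompressed points are already checked to be on the curve, so invalid curve attacks are not possible in either format. The commit message only contradicts the "decompression will typically be cheaper" part, so consider keeping one sentence saying both point formats are validated, so that readers of the release note do not take TLS::Policy::use_ecc_point_compression to be a security control. Since decompression is reported as ~50x slower than the on-curve check, it would also help to mention the extra CPU cost next to the bytes saved, so anyone enabling the policy sees the tradeoff. Minor style point: the new sentence wants a comma before "which".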