Navigation:
Browse pkgsrc
(this page)
security liboqs
CVSweb ] [ 
Homepage ] [ 
RSS ] [ 
Required by ] [ 
Add to tracker ] 2024-12-18 22:30:34 by Jan Schaumann | Files touched by this commit (2) |  |
Log message: update to liboqs-0.12.0 Release notes: https://github.com/open-quantum-safe/liboqs/releases/tag/0.12.0 This release updates the ML-DSA implementation to the final FIPS 204 version. This release still includes the NIST Round 3 version of Dilithium for interoperability purposes, but we plan to remove Dilithium Round 3 in a future release. Deprecation notice This will be the last release of liboqs to include Kyber (that is, the NIST Round 3 version of Kyber, prior to its standardization by NIST as ML-KEM in FIPS 203). Applications should switch to ML-KEM (FIPS 203). The addition of ML-DSA FIPS 204 final version to liboqs has introduced a new signature API which includes a context string parameter. We are planning to remove the old version of the API without a context string in the next release to streamline the API and bring it in line with NIST specifications. Users who have an opinion on this removal are invited to provide input at #2001. Security issues CVE-2024-54137: Fixed bug in HQC decapsulation that leads to incorrect shared secret value during decapsulation when called with an invalid ciphertext. Thank you to Célian Glénaz and Dahmun Goudarzi from Quarkslab for identifying the issue. What's New This release continues from the 0.11.0 release of liboqs. Key encapsulation mechanisms HQC: Fixed bug in decapsulation that leads to incorrect shared secret value during decapsulation when called with an invalid ciphertext. Thank you to Célian Glénaz and Dahmun Goudarzi from Quarkslab for identifying the issue. Kyber: This is the last release of liboqs to include Kyber. ML-KEM: Improved testing of ML-KEM. Digital signature schemes LMS: Fixed crashing bug. ML-DSA: Removed FIPS 204-ipd (initial public draft) and replaced it with FIPS 204 final version. Added new API for digital signatures with context strings; see #2001 for plan to remove old API without context string. Added fuzzing tests for signature schemes. Added benchmarking for stateful hash-based signature schemes. Other changes Updated CBOM format to version 1.6. Added a function OQS_thread_stop to be called by multi-threaded applications to properly deallocate resources in a threaded execution. Added preprocessor macros conveying liboqs version information. |
| 2024-10-14 17:24:03 by Nia Alarie | Files touched by this commit (1) |
Log message: liboqs: Stop build system from rejecting "unsupported" archs. |
| 2024-10-10 21:32:28 by Jan Schaumann | Files touched by this commit (3) | |
Log message: update to liboqs-0.11.0 What's New Key encapsulation mechanisms Kyber: Added formally-verified portable C and AVX2 implementations of Kyber-512 \ and Kyber-768 from libjade. ML-KEM: Updated portable C and AVX2 implementations of ML-KEM-512, ML-KEM-768, \ and ML-KEM-1024 to FIP 203 version. Kyber: Patched ARM64 implementations of Kyber-512, Kyber-768, and Kyber-1024 to \ work with AddressSanitizer. Digital signature schemes LMS/XMSS: Added implementations of stateful hash-based signature schemes: XMSS \ and LMS. MAYO: Added portable C and AVX2 implementations of MAYO signature scheme from \ NIST Additional Signatures Round 1. CROSS: Added portable C and AVX2 implementations of CROSS signature scheme from \ NIST Additional Signatures Round 1. Other changes Added callback API to use custom implementations of AES, SHA2, and SHA3. Refactor SHA3 implementation to use OpenSSL's EVP_DigestSqueeze() API. Detailed changelog at https://github.com/open-quantum-safe/liboqs/releases/tag/0.11.0 |
New packages: