Botan News

1.8.10 released

Botan 1.8.10 has been released.

This release changes a number of aspects of how private keys are encrypted. The default encryption algorithm has changed from 3DES to AES-256; botan has supported AES for this purpose for many years, but 3DES was chosen as the default for compatibility with other libraries. However, supporting AES should no longer be a problem in recent libraries, so moving to a safer default seems reasonable. In addition, the default iteration count for the PBES1 and PBES2 encryption schemes (which are used primarily to encrypt asymmetric keys like RSA or DSA) has increased from 2048 to 10000, which should make brute-force key cracking substantially harder.

The first round of AES now uses a smaller set of lookup tables; this only reduces performance slightly but some timing and cache analysis attacks against AES are substantially harder when AES is implemented this way.

The class known as S2K was renamed PBKDF in 1.9, with a typedef for backwards compatibility. To provide an equivalent forward-compatibility path, 1.8.10 includes a typedef for PBKDF and a new accessor function get_pbkdf. It also includes a new interface for deriving keys from a passphrase which takes the passphrase and desired output length as well as the salt and iteration count; in many cases this call is significantly more convenient than the older API.
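As an added illustration of the passphrase-based key derivation these notes describe (example code, not Botan's own), here is a reference PBKDF2 (PKCS #5 v2.0) in Python whose parameters mirror the new 1.8.10 interface: output length, passphrase, salt and iteration count. It also exposes the per-guess HMAC cost, which is what raising the PBES1/PBES2 default from 2048 to 10000 iterations increases; the function names are the example's own, not Botan's.

```python
# Added example (not Botan's code): reference PBKDF2 per PKCS #5 v2.0 / RFC 2898.
import hashlib
import hmac
import struct


def pbkdf2(hash_name: str, output_len: int, passphrase: str,
           salt: bytes, iterations: int) -> bytes:
    """Derive output_len bytes from passphrase with PBKDF2-HMAC-<hash_name>.

    Each output block T_i is the XOR of the chain U_1 .. U_c, where
    U_1 = HMAC(P, S || INT(i)) and U_j = HMAC(P, U_{j-1}).  Every candidate
    passphrase therefore costs `iterations` HMAC calls per block, which is
    why a higher default iteration count slows brute-force guessing.
    """
    if iterations < 1 or output_len < 1:
        raise ValueError("iterations and output_len must be positive")
    pw = passphrase.encode("utf-8")
    h_len = hashlib.new(hash_name).digest_size
    out = bytearray()
    for block in range(1, -(-output_len // h_len) + 1):   # ceil(dkLen / hLen) blocks
        u = hmac.new(pw, salt + struct.pack(">I", block), hash_name).digest()
        t = bytearray(u)
        for _ in range(iterations - 1):
            u = hmac.new(pw, u, hash_name).digest()
            t = bytearray(a ^ b for a, b in zip(t, u))
        out += t
    return bytes(out[:output_len])


def hmac_calls_per_guess(hash_name: str, output_len: int, iterations: int) -> int:
    """HMAC evaluations an attacker pays for one passphrase guess."""
    h_len = hashlib.new(hash_name).digest_size
    return -(-output_len // h_len) * iterations


def matches_stdlib(hash_name: str, output_len: int, passphrase: str,
                   salt: bytes, iterations: int) -> bool:
    """Cross-check the reference derivation against hashlib.pbkdf2_hmac."""
    expected = hashlib.pbkdf2_hmac(hash_name, passphrase.encode("utf-8"),
                                   salt, iterations, output_len)
    derived = pbkdf2(hash_name, output_len, passphrase, salt, iterations)
    return hmac.compare_digest(derived, expected)
```

The two short derivations in the test below are the RFC 6070 PBKDF2-HMAC-SHA1 vectors; constructed inputs are used for the longer runs.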

Posted 2010/08/31 in releases; no comments

Botan 1.9.10: Constant time AES-128 using SSSE3, dynamic Engines

This new release adds a constant-time AES implementation using SSSE3. This code is based on public domain assembly written by Mike Hamburg and described in his CHES 2009 paper "Accelerating AES with Vector Permute Instructions". In addition to being constant time, it is also significantly faster than the table-based implementation on some processors. The current code has been tested with GCC 4.5, Visual C++ 2008, and Clang 2.8.

Support for dynamically loading Engine objects at runtime was also added. This will be especially useful for algorithm implementations which are in some way hardware dependent (for instance using CUDA). Currently only systems that use dlopen-style dynamic linking are supported, but a future release should also support Windows.

GCC 4.3 and later support new builtins for byte swapping values which work on a variety of processors. These builtins are now used when possible; this allows for fast byte swapping on platforms which were not previously supported (for instance ARM, PowerPC, and IA-64), and allows better scheduling on x86 processors as well.

This release drops support for configuring the build with Python 2.4; Python 2.5 or later is now required. At this time, the only current distro that still ships with 2.4 is RedHat Enterprise 5, so this hopefully should not affect too many users.

The class previously named S2K has been renamed PBKDF. This matches the general terminology for algorithms which transform passphrases into keys; the old S2K naming is historical and due to the fact that the first such algorithm added to botan was the one used in PGP, which is called S2K; the algorithms included in PKCS #5, which use the somewhat more conventional PBKDF term, were not added until version 1.1.0.

A bug in 1.9.9 that prevented benchmarking of ECB-mode ciphers was fixed.

If you have 10 minutes, please fill out the user survey. Knowing what users think of the library, how they are using it, and what the trouble spots are will greatly help in terms of improving future releases.

Posted 2010/08/12 in releases; no comments

2010 User Survey

This is a call to all users of the library to fill out a user survey to help understand who uses botan, why, what they do and don't like about the library, and what future directions would be most beneficial. The survey will run through the end of the month with aggregated results being published sometime in September.

Posted 2010/08/06 in announcements; no comments

1.9.9 Released

Botan 1.9.9 has been released.

New functions in the Filter infrastructure include Filter::name (which simply returns the name of the filter as a std::string), and Keyed_Filter::valid_iv_length, which allows querying the IV length(s) a filter supports. Previously, partially because there was no such query mechanism, if a filter did not support IVs at all, then calls to set_iv would be silently ignored. Now an exception about the invalid IV length will be thrown.

The most recent release on the stable tree, 1.8.9, added a couple of new functions for doing BER encoding/decoding of public and private keys. These functions had not made it into the previous 1.9 release, and are added here.

The default iteration count for the password based encryption schemes has been increased from 2048 to 10000. This should make password-guessing attacks against private keys encrypted with versions after this release somewhat harder.

The Doxygen documentation comments were substantially updated and expanded in this release. As of the 1.9.9 spin, a total of 961 functions and variables remain undocumented. The goal is to get this number to zero before the next stable release series; patches assisting this would be most welcome.

Problems preventing compilation under Apple's GCC 4.2.1, and on 64-bit MIPS systems using GCC 4.4 or later were fixed.

Posted 2010/06/28 in releases; no comments

Windows Binaries Now Available For 1.8.9

Windows binaries for both 32 and 64 bit systems for the latest stable release are now available; check the download page for links.

Posted 2010/06/16 in announcements; no comments
