Botan 1.8.10 has been released.
This release changes a number of aspects of how private keys are encrypted. The default encryption algorithm has changed from 3DES to AES-256; botan has supported AES for this purpose for many years but 3DES was chosen as the default for compatibility with other libraries. However supporting AES should not be a problem any longer in recent libraries, so moving to a safer default seems reasonable. In addition, the default iteration count for PBES1 and PBES2 encryption schemes (which are used primarily to encrypt asymmetric keys like RSA or DSA) has increased from 2048 to 10000, which should make brute force key cracking substantially harder.
The first round of AES now uses a smaller set of lookup tables; this only reduces performance slightly but some timing and cache analysis attacks against AES are substantially harder when AES is implemented this way.
The class known as S2K was renamed PBKDF in 1.9, with a typedef for backwards compatibility. For providing an equivalent forward compatibility path, 1.8.10 includes a typedef for PBKDF and a new accessor function get_pbkdf. It also includes a new interface for deriving keys with a passphrase which takes both the passphrase and desired output length as well as the salt and iteration count; in many cases this call is actually significantly more convenient than the older API.
Posted 2010/08/31 in releases; no comments
< Botan 1.9.10: Constant time AES-128 using SSSE3, dynamic Engines | 1.8.11 released >