Botan 1.7.3 has been released.
Botan is now available in Debian "lenny" (testing). More information at debian.org
A number of new benchmark results have been posted.
Version 1.7.2 has been released.
There is now a document describing the best ways to send patches for Botan for inclusion into mainline releases.
New versions of Botan have been released on the stable and development trees (1.6.3 and 1.7.1). The new stable release fixes a build problem encountered by some Visual Studio users in the memory allocator, as well as a race condition in the algorithm object cache. Upgrading is recommended, especially if Botan is being used in multithreaded code.
Botan 1.6.3 is due to be released shortly to resolve some build and link problems that have been plaguing some Visual Studio users. In the meantime a prerelease tarball has been made for testing and to ensure all the blocking problems with Visual Studio have been fixed. Interested users should test the build process and their applications.
Botan 1.6.1 has been released. The primary changes are a couple of bugfixes; several in the base64 decoder, and on in the BER decoding classes; this bug only occurred under compilers which do not implement named return value optimization (NVRO), which seems to include at least some versions of Visual Studio 2005.
There are a couple of very small new features; a new option to the base64 encoder which specifies that a trailing newline should always be appended, and another change which increases the maximum keylength of RC4 to 256 bytes. Both of these changes were made to support Monotone.
The first release candidate for Botan 1.6.0, version 1.5.13, has been released. This has only very minor changes as compared to 1.5.12, primarily updating a few modules to reflect new APIs, and better support for the Intel and PathScale compilers on x86-64.
Botan 1.5.12 has been released. No major milestones here, just some documentation updates, x86-64 assembly optimizations, various improvements to the Python bindings, and support for out of tree builds.
Botan 1.5.11 has been released. Most of the changes in this release will not be visible to the casual user; particularly noticeable ones are a near complete rewrite of the configure/build system, which is now much more flexible and easy to work with, and various changes in the inheritance hierarchy of the public key cryptosystems and basic symmetric algorithms.
An x86 assembler version of the Serpent block cipher has been added; it benchmarks as being around twice as fast as the C++ version. Also new are some small parts of BigInt implemented in x86 assembler.
The Python wrappers, which use Boost.Python, are significantly improved, though there is still a very long way to go on that front. This version fixes the compile problems in recent development versions that were being encountered by Visual Studio users.
Botan 1.5.10 has been released. The major addition of this release is x86 assembler versions of the MD4, MD5, and SHA-1 hash functions. On the machines they have been tested on, they come in at roughly 50-60% faster than the C++ versions when compiled with GCC.
There are various changes to make the library more resilient against runtime failures, preventing memory leaks, catching exceptions, and so forth. Option parsing in the test/benchmark tool is much improved, and an example application that factors integers using Pollard's Rho heuristic has been added. The InitializeOptions object now understands negated options, so settings can be explicitly disabled.
Botan 1.5.9 has been released. Like the last release, most of the changes are related to internal cleanups. In particular the methods for initialization and for setting up modules should be much more straightforward and easier to maintain and extend. Also, the AEP engine module had not been working for some time; this has now been fixed.
Botan 1.5.8 has been released. This version is primarily devoted to internal cleanups. Some of these cleanups have led to greater flexibility for end-user applications (specifically: better support for alternate characters sets, and the ability for applications to extend the set of supported X.509 extensions).
Support for GCC 2.95.x has been dropped in this release.
Monotone is now being used for source code control. A public server with anonymous access is running at randombit.net; instructions for anonymous access are available.
Several people noticed that the Mailman web interfaces had gone down. The problem has been fixed and Mailman is back. And now there is a Bugzilla install for your bug submitting pleasure.
The last few releases have been consistently improving the performance of the public key algorithms. Since 1.5.2, Botan has gained full x86 and amd64 assembler backends (contributed by Luca Piccarreta), a much faster (and more predictable) bitmap-based memory allocator, and a large number of minor optimizations througout BigInt's core algorithms, particularly with the aim of reducing the amount of memory allocation/deallocation that is needed.
Botan 1.5.5, releaesd today, fixes a potential infinite loop in the memory allocators introduced in 1.5.4 (found and fixed independently by Jack Lloyd and Matt Johnston; Matt's fix turned out to be a bit cleaner). Temporary workspace memory used by the Karatsuba algorithm is now cached across multiple multiplications if possible. Also the addition and subtraction operators were cleaned up, reducing the number of temporary memory allocations needed. Benchmarks show 1.5.5 is the fastest version of Botan so far, and is actually benchmarking quite competitively with OpenSSL on an Opteron system.
Further profiling and hacking has led to 1.5.2, which is showing some substantial performance gains over 1.4.11. During a valgrind run, it became clear that there was a memory leak - it turns out some recent changes introduced a nasty leak of the SecureQueues in Pipe. This has been fixed in the latest stable and dev releases.
Profiling indicates that currently the major hotspots for RSA are the addition and linear multiplication functions (because Karatsuba multiplication and Montgomery reduction use those extensively). Previously the memory allocators were also taking a very large piece of time; Pooling_Allocator has been rewritten in 1.5.2 and is significantly faster (though it could still use with more profiling and tuning, no doubt). I suspect that right now the best gains can be had by rewriting code using BigInt to use the low-level algorithms, and avoiding unnecessary temporaries, along with rewriting the low-level algorithm code to use assembly instead of C/C++. In particular, I don't see how to make our current hotspots, addition and linear multiplication, too much faster without using assembly.
The new development tree, 1.5.x, has been progressing well so far. 1.5.1 is now out, which adds Montgomery exponentiation, generalized Karatsuba multiplication and squaring, and Comba squaring. Overall performance seems very good in comparison to 1.4.11, though profiling indicates there are a few troublesome hotspots, most particularly in the pooling allocator (profiling RSA operations with KCachegrind indicates that operations in the pooling allocator uses up nearly 30% of the total runtime). Another, less problematic one, is the multiple precision addition function - this routine was never optimized much (because it wasn't a hotspot), but with the new Karatsuba and Montgomery code, it is being used much more heavily now (and currently taking up 15% of total runtime for RSA). Optimizing this routine will be a priority for the next releaswever it is a very nice design, and much faster than SHA-256, so hopefully it will get some good analysis.
Other changes include optimizations for RC6 and Twofish, much better support for 64-bit PowerPC, support for high resolution hardware timers on most PowerPC systems, fixing a persistent build annoyance that shows up on BSD systems, and generalizing the X9.31 RNG to support arbitrary block ciphers as well as arbitrary underlying PRNG objects.
This was a really good weekend for me being productive on Botan. I implemented the IBM AES candidate MARS and the South Korean cipher SEED, optimized RC6 and Twofish significantly, and collected and formatted a large body of new test vectors. Implementing and optimizing MARS and SEED was quite enjoyable; it has been a long while since I've done any really low level programming, and I think I may start implementing a few of the modern stream cipher designs like Turing or Sober just for fun, though who knows if I'll continue this little streak.
All of these changes will be part of the next release. I don't want to push out too many new releases in such a short timespan, and as what will become 1.4.9 doesn't have any bugfixes so far, just enhancements, I'm that OpenSSL supports, though the gains are fairly small. In the future this will allow Botan to make use of crypto hardware for any hash function, MAC, or symmetric cipher in any mode (including ones that Botan does not natively support).
Botan 1.4.1 is out.
Botan 1.4.0 has been released. No major changes versus 1.3.14, lots and lots of new stuff as compared with 1.2.8. Currently there are no RPMs available, I'll try to get those up later this weekend.
Botan 1.3.14 has been released. This is the first release candidate for 1.4.0. Please report any bugs or problems as soon as possible. The new AEP engine is available, along with many portability fixes, minor optimizations, and so on. Check the changelog for details.
Most of the AEP engine support has been written, though I want to do cleanup and much more testing before releasing it. I also haven't added support for the hardware RNG that AEP cards include yet. In single-threaded code, RSA is 3 to 10 times faster than the host CPU (1.4 Ghz Athlon). In multi-threaded code, or on systems with a heavy CPU load, the improvement should be even more noticeable.
AEP Systems has generously donated an AEP2000 crypto card. I'll be working on an engine module to support it this week. This is probably the last major feature to be added before 1.4.0 is released later this month.
Botan 1.3.13 is out, fixing the compile problem in 1.3.12, as well as some build and installation problems on Cygwin and MacOS X. Support for Cygwin is much improved over previous releases (including 1.2.x).
I have just been informed that 1.3 now use an OpenSSL-compatible PEM header (the previously used "CRL" header is still accepted). Ken Perano from Sandia contributed a patch against the API doc fixing a number of grammatical and typographical errors, and I've added more documentation about how the filter/pipe system works. And the PKCS #10 request decoder have been fixed so that "old style" requests (which don't include any v3 extension requests) compute the key constraints correctly.
I am currently aiming for 1.4.0 to be released in late June or early July. I believe this will happen, though some features previously planned for 1.4.x may end up being cut.
Botan 1.3.11 is out, fixing a pair of showstopper bugs in the PKCS #10 code that were introduced in 1.3.5 and only recently discovered. There are a handful of other small fixes, and a few interfaces were generalized a bit. The API and tutorial docs have various updates and fixes as well.
Botan 1.3.10 was released today. Again, nothing amazing, just a just a few bugfixes and internal cleanups. The GUI interaction stuff is now covered in the API doc.
Finally got around to doing a new release. Botan 1.3.9 is pretty small, mostly some bug fixes, and a new engine module that uses OpenSSL. I haven't really gotten organized yet, so progress is going to be slow for a while.
Botan 1.3.8 was released today, because I'm moving in a few days and want to get this out the door. It's not exactly polished (read: known serious bugs), but it has a lot of nice new stuff. Botan now has the ability to plug arbitrary backends (engines) into PK operations - with the GMP engine (included), RSA in Botan is several times faster than OpenSSL.
There are also several new hooks to help out GUI programs that use Botan. It's not documented yet, but an example application using GTK+ 2 hits the high points.
1.3.8 is getting towards what I have in mind for 1.4.0, but there are some fairly major performance problems in 1.3.8 (5-10% slower than 1.2.8 in several cases). These are all easily fixable (doing some basic optimizations in the new Montgomery reducer will alone push 1.4.0 past 1.2.x performance-wise), but I'll need time, which I currently do not have.
Reorganized the web site a bit to make things easier to find, and give me a place to put news.