|
1 |
| -liboqs version 0.10.0 |
2 |
| -===================== |
| 1 | +liboqs version 0.10.1-rc1 |
| 2 | +========================= |
3 | 3 |
|
4 | 4 | About
|
5 | 5 | -----
|
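Review bot: The version bump to `liboqs version 0.10.1-rc1` in this hunk only touches the README heading; confirm the same `0.10.1-rc1` string is what the build system and packaging report, since that file is not part of this diff and a mismatch between README and library version is the usual way an rc gets mislabelled. The underline was lengthened to match the longer title, so the Setext heading still renders.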
@@ -28,103 +28,34 @@ liboqs can also be used in the following programming languages via language-spec
|
28 | 28 | Release notes
|
29 | 29 | =============
|
30 | 30 |
|
31 |
| -This is version 0.10.0 of liboqs. It was released on March 20, 2024. |
| 31 | +This is release candidate 1 of version 0.10.1 of liboqs. It was released on June 5, 2024. |
32 | 32 |
|
33 |
| -This release adds support for ML-KEM (previously known as CRYSTALS-Kyber) and ML-DSA (previously known as CRYSTALS-Dilithium), based on the initial public drafts of [FIPS 203](https://csrc.nist.gov/pubs/fips/203/ipd) and [FIPS 204](https://csrc.nist.gov/pubs/fips/204/ipd), respectively. OQS continues to support the NIST Round 3 versions of Kyber and Dilithium for interoperability purposes. This release additionally updates HQC to the NIST Round 4 version and adds support for fixed-length Falcon signatures. |
| 33 | +This release is a security release which fixes potential non-constant-time behaviour in ML-KEM and Kyber based on https://github.com/pq-crystals/kyber/commit/0264efacf18dd665d2066f21df3a3290b52ba240 and https://github.com/pq-crystals/kyber/commit/9b8d30698a3e7449aeb34e62339d4176f11e3c6c. It also includes a fix for incorrectly named macros in the ML-DSA implementation. |
34 | 34 |
|
35 | 35 | What's New
|
36 | 36 | ----------
|
37 | 37 |
|
38 |
| -This release continues from the 0.9.2 release of liboqs. |
| 38 | +This release continues from the 0.10.0 release of liboqs. |
39 | 39 |
|
40 | 40 | ### Key encapsulation mechanisms
|
41 | 41 |
|
42 |
| -- BIKE: Updated portable C implementation to include constant-time fixes from upstream. |
43 |
| -- HQC: Updated to NIST Round 4 version. |
44 |
| -- ML-KEM: Added portable C and AVX2 implementations of Initial Public Draft (IPD) versions of ML-KEM-512, ML-KEM-768, and ML-KEM-1024. |
| 42 | +- Kyber: portable C and AVX2 implementations updated |
| 43 | +- ML-KEM: portable C and AVX2 implementations updated |
45 | 44 |
|
46 | 45 | ### Digital signature schemes
|
47 | 46 |
|
48 |
| -- Falcon: Updated portable C, AVX2, and AArch64 implementations to support fixed-length (PADDED-format) signatures. Fixed the maximum length of variable-length signatures to comply with the NIST Round 3 specification. |
49 |
| -- ML-DSA: Added portable C and AVX2 implementations of Initial Public Draft (IPD) versions of ML-DSA-44, ML-DSA-65, and ML-DSA-87. |
50 |
| - |
51 |
| -### Other changes |
52 |
| - |
53 |
| -- Improved thread safety. |
54 |
| -- Added uninstall support via `ninja uninstall` |
55 |
| -- Documented platforms by support tier in PLATFORMS.md. |
56 |
| -- Added support for Zephyr RTOS. |
57 |
| -- Improved support for macOS on Apple Silicon. |
58 |
| -- Removed support for the "NIST-KAT" DRBG. |
59 |
| -- Added extended KAT test programs. |
| 47 | +- ML-DSA: incorrectly named macros renamed |
60 | 48 |
|
61 | 49 | ---
|
62 | 50 |
|
63 | 51 | Detailed changelog
|
64 | 52 | ------------------
|
65 | 53 |
|
66 |
| -* PR template update & OpenSSL clarification by @baentsch in https://github.com/open-quantum-safe/liboqs/pull/1582 |
67 |
| -* Use CMAKE_USE_PTHREADS_INIT by @zxjtan in https://github.com/open-quantum-safe/liboqs/pull/1576 |
68 |
| -* Add section to CONFIGURE.md link by @iyanmv in https://github.com/open-quantum-safe/liboqs/pull/1578 |
69 |
| -* Run copy_from_upstream and test by @baentsch in https://github.com/open-quantum-safe/liboqs/pull/1589 |
70 |
| -* Support several pqclean upstream versions by @baentsch in https://github.com/open-quantum-safe/liboqs/pull/1595 |
71 |
| -* Call Keccak_(X4_)Dispatch with pthread_once by @zxjtan in https://github.com/open-quantum-safe/liboqs/pull/1549 |
72 |
| -* minor updates by @vsoftco in https://github.com/open-quantum-safe/liboqs/pull/1600 |
73 |
| -* Pull new HQC implementation from upstream by @SWilson4 in https://github.com/open-quantum-safe/liboqs/pull/1585 |
74 |
| -* add uninstall support by @baentsch in https://github.com/open-quantum-safe/liboqs/pull/1604 |
75 |
| -* Ensure generic OQS_OPT_TARGET in weekly CT tests by @SWilson4 in https://github.com/open-quantum-safe/liboqs/pull/1618 |
76 |
| -* update .travis.yml by @bhess in https://github.com/open-quantum-safe/liboqs/pull/1629 |
77 |
| -* Pull latest Kyber version from upstream by @bhess in https://github.com/open-quantum-safe/liboqs/pull/1631 |
78 |
| -* platform support documentation [skip ci] by @baentsch in https://github.com/open-quantum-safe/liboqs/pull/1605 |
79 |
| -* Add support for Zephyr RTOS by @Frauschi in https://github.com/open-quantum-safe/liboqs/pull/1621 |
80 |
| -* Apply patch to Kyber aarch64 code from PQClean for variable-time division issue. by @bhess in https://github.com/open-quantum-safe/liboqs/pull/1636 |
81 |
| -* Fix BIKE constant-time errors by @SWilson4 in https://github.com/open-quantum-safe/liboqs/pull/1632 |
82 |
| -* Fix falcon constant time check in Valgrind by @cothan in https://github.com/open-quantum-safe/liboqs/pull/1646 |
83 |
| -* Correct cmake version requirement by @baentsch in https://github.com/open-quantum-safe/liboqs/pull/1643 |
84 |
| -* Pull Kyber division fixes from PQ-Crystals into main by @praveksharma in https://github.com/open-quantum-safe/liboqs/pull/1649 |
85 |
| -* Bump gitpython from 3.1.37 to 3.1.41 in /scripts/copy_from_upstream by @dependabot in https://github.com/open-quantum-safe/liboqs/pull/1659 |
86 |
| -* Zephyr: fixes for platform support by @Frauschi in https://github.com/open-quantum-safe/liboqs/pull/1658 |
87 |
| -* Bump jinja2 from 2.11.3 to 3.1.3 in /scripts/copy_from_upstream by @dependabot in https://github.com/open-quantum-safe/liboqs/pull/1661 |
88 |
| -* Riscv zephyr support by @trigpolynom in https://github.com/open-quantum-safe/liboqs/pull/1641 |
89 |
| -* Zephyr: CMake fixes by @Frauschi in https://github.com/open-quantum-safe/liboqs/pull/1664 |
90 |
| -* Clarify that copyright is held by authors and not the project itself [skip ci] by @dstebila in https://github.com/open-quantum-safe/liboqs/pull/1668 |
91 |
| -* Make internal API available to (only) test programs by @SWilson4 in https://github.com/open-quantum-safe/liboqs/pull/1667 |
92 |
| -* Remove reference to old BIKE variants from CONFIGURE.md [skip ci] by @SWilson4 in https://github.com/open-quantum-safe/liboqs/pull/1669 |
93 |
| -* Add a document describing our subproject governance by @dstebila in https://github.com/open-quantum-safe/liboqs/pull/1675 |
94 |
| -* Set the correct compile flag for the memory sanitizer build by @SWilson4 in https://github.com/open-quantum-safe/liboqs/pull/1680 |
95 |
| -* Test against all 100 KAT values by @SWilson4 in https://github.com/open-quantum-safe/liboqs/pull/1560 |
96 |
| -* Update BIKE documentation to exclude x86 by @SWilson4 in https://github.com/open-quantum-safe/liboqs/pull/1679 |
97 |
| -* find_package(Threads) regardless of BUILD_ONLY_LIB by @zxjtan in https://github.com/open-quantum-safe/liboqs/pull/1653 |
98 |
| -* Call set_available_cpu_extensions using pthread_once by @zxjtan in https://github.com/open-quantum-safe/liboqs/pull/1671 |
99 |
| -* Discontinue AppVeyor CI testing by @SWilson4 in https://github.com/open-quantum-safe/liboqs/pull/1682 |
100 |
| -* Run oqs-provider release tests in CI on release candidate branches by @SWilson4 in https://github.com/open-quantum-safe/liboqs/pull/1654 |
101 |
| -* Fix link in GOVERNANCE.md by @Martyrshot in https://github.com/open-quantum-safe/liboqs/pull/1686 |
102 |
| -* Rename weekly runs and skip Falcon-1024 [skip ci] by @SWilson4 in https://github.com/open-quantum-safe/liboqs/pull/1684 |
103 |
| -* Update McEliece suppression files for generic config by @SWilson4 in https://github.com/open-quantum-safe/liboqs/pull/1677 |
104 |
| -* Update SPHINCS+ "clean" suppression files by @SWilson4 in https://github.com/open-quantum-safe/liboqs/pull/1683 |
105 |
| -* Update Sphincs+ Markdown documentation from YAML by @SWilson4 in https://github.com/open-quantum-safe/liboqs/pull/1690 |
106 |
| -* properly document release support level [skip ci] by @baentsch in https://github.com/open-quantum-safe/liboqs/pull/1688 |
107 |
| -* set(OQS_USE_PTHREADS OFF) on MinGW/Cygwin by @zxjtan in https://github.com/open-quantum-safe/liboqs/pull/1695 |
108 |
| -* Fix cross compilation and test in CI by @SWilson4 in https://github.com/open-quantum-safe/liboqs/pull/1696 |
109 |
| -* update brew install instructions to use openssl@3 instead of openssl@1.1.1 [skip ci] by @Martyrshot in https://github.com/open-quantum-safe/liboqs/pull/1701 |
110 |
| -* Add ML-DSA-ipd and ML-KEM-ipd & NIST supplied test vectors by @bhess in https://github.com/open-quantum-safe/liboqs/pull/1626 |
111 |
| -* Small fixes after adding ML-\* by @bhess in https://github.com/open-quantum-safe/liboqs/pull/1702 |
112 |
| -* Move MacOS CI tests to GitHub Actions; add M1 CI tests by @SWilson4 in https://github.com/open-quantum-safe/liboqs/pull/1709 |
113 |
| -* Update liboqs readme to point to oqs-provider instead of deprecated openssl1.1.1 fork [skip ci] by @Martyrshot in https://github.com/open-quantum-safe/liboqs/pull/1699 |
114 |
| -* Fix for the Zephyr CI tests by @Frauschi in https://github.com/open-quantum-safe/liboqs/pull/1714 |
115 |
| -* remove references to unsupported openssh [skip ci] by @baentsch in https://github.com/open-quantum-safe/liboqs/pull/1713 |
116 |
| -* fix documentation generation by @baentsch in https://github.com/open-quantum-safe/liboqs/pull/1715 |
117 |
| -* Support Falcon PADDED format by @SWilson4 in https://github.com/open-quantum-safe/liboqs/pull/1710 |
118 |
| -* Fix for alg_support.cmake by @bhess in https://github.com/open-quantum-safe/liboqs/pull/1716 |
119 |
| -* Fix SPHINCS+ naming in CT tests [skip ci] by @SWilson4 in https://github.com/open-quantum-safe/liboqs/pull/1720 |
120 |
| -* improve algorithm documentation [skip ci] by @baentsch in https://github.com/open-quantum-safe/liboqs/pull/1721 |
121 |
| -* Always build "internal" library as static by @SWilson4 in https://github.com/open-quantum-safe/liboqs/pull/1725 |
122 |
| - |
123 |
| -## New Contributors |
124 |
| -* @zxjtan made their first contribution in https://github.com/open-quantum-safe/liboqs/pull/1576 |
125 |
| -* @iyanmv made their first contribution in https://github.com/open-quantum-safe/liboqs/pull/1578 |
126 |
| -* @Frauschi made their first contribution in https://github.com/open-quantum-safe/liboqs/pull/1621 |
127 |
| -* @cothan made their first contribution in https://github.com/open-quantum-safe/liboqs/pull/1646 |
128 |
| -* @trigpolynom made their first contribution in https://github.com/open-quantum-safe/liboqs/pull/1641 |
129 |
| - |
130 |
| -**Full Changelog**: https://github.com/open-quantum-safe/liboqs/compare/0.9.2...0.10.0 |
| 54 | +* switching to dev mode again by @baentsch in https://github.com/open-quantum-safe/liboqs/pull/1743 |
| 55 | +* Update README.md by @vsoftco in https://github.com/open-quantum-safe/liboqs/pull/1769 |
| 56 | +* Fix README.md to work with Doxygen release 1.10.0 by @praveksharma in https://github.com/open-quantum-safe/liboqs/pull/1775 |
| 57 | +* Fix for incorrect macros in signatures. by @bhess in https://github.com/open-quantum-safe/liboqs/pull/1799 |
| 58 | +* Pull Kyber/ML-KEM CT-Fix from upstream by @bhess |
| 59 | +* Force gcc 13.2.0 over 13.3.0 by @planetf1 in https://github.com/open-quantum-safe/liboqs/pull/1805 |
| 60 | + |
| 61 | +**Full Changelog**: https://github.com/open-quantum-safe/liboqs/compare/0.10.0...0.10.1-rc1 |
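Review bot: The entry `* Pull Kyber/ML-KEM CT-Fix from upstream by @bhess` is the one changelog line without a pull-request link, and it is the security fix this release exists for; add the PR URL so the fix can be traced, as every other entry in this list (and every entry in the removed 0.10.0 list) does. Two smaller points on the same hunk: the `What's New` bullets say only the portable C and AVX2 Kyber/ML-KEM implementations were updated, while the removed 0.10.0 notes show a separate AArch64 Kyber variant that needed its own patch (`Apply patch to Kyber aarch64 code from PQClean for variable-time division issue.`), so say explicitly whether the AArch64 code is affected by this fix or was already covered; and `Force gcc 13.2.0 over 13.3.0` pins a CI compiler with no stated reason, which deserves a few words so the pin is not left in place indefinitely.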