CIRCL v1.3.8

CIRCL v1.3.8

New

• BLS Signatures on top of BLS12-381.
• Adopt faster squaring in pairings.
• BlindRSA compliant with RFC9474.
• (Verifiable) Secret Sharing compatible with the Group interface (elliptic curves).

Notice

• Update on cpabe/tkn20 ciphertexts, read more at https://github.com/cloudflare/circl/wiki/tkn20-Ciphertext-Format-(v1.3.8)

What's Changed

• Implement Granger-Scott faster squaring in the cyclotomic subgroup. by @armfazh in #449
• Updates avo and CIRCL's own dependency. by @armfazh in #474
• Updating documentation for OPRF package. by @armfazh in #475
• group: removes order method from group interface by @armfazh in #356
• zk/dleq: Adding DLEQ proofs for Qn, the subgroup of squares in (Z/nZ)* by @armfazh in #451
• Reduce x/crypto and x/sys versions to match Go 1.21 by @Lekensteyn in #476
• Bump GitHub Actions versions and use Go 1.22 and 1.21 by @Lekensteyn in #477
• Adding rule for constant values by @armfazh in #478
• Add BLS signatures over BLS12-381 by @armfazh in #446
• group: Implements Shamir and Feldman secret sharing. by @armfazh in #348
• blindrsa: add support for all variants of RFC9474 by @armfazh in #479
• Explicitly installs Go with version before CodeQL analysis. by @armfazh in #481
• Bumps golangci-lint action by @armfazh in #485
• ecc/bls12381: Ensures pairing operations don't overwrite their input by @armfazh in #494
• Align to the purego build tag, removing noasm build tag by @mattyclarkson in #492
• cpabe: Serializing ciphertext with 32-bit prefixes. by @armfazh in #490

New Contributors

• @mattyclarkson made their first contribution in #492

Full Changelog: v1.3.7...v1.3.8

CIRCL v1.3.7

CIRCL v1.3.7

What's Changed

• build(deps): bump golang.org/x/crypto from 0.3.1-0.20221117191849-2c476679df9a to 0.17.0 by @dependabot in #467
• kyber: remove division by q in ciphertext compression by @bwesterb in #468
• Releasing CIRCL v1.3.7 by @armfazh in #469

New Contributors

• @dependabot made their first contribution in #467

Full Changelog: v1.3.6...v1.3.7

CIRCL v1.3.6

CIRCL v1.3.6

What's Changed

• internal: add TurboShake{128,256} by @bwesterb in #430
• Kangaroo12 draft -10 by @bwesterb in #431
• Add K12 as XOF by @bwesterb in #437
• xof/k12: Fix a typo in the package documentation by @cjpatton in #438
• Set CIRCL version for generated assembler code. by @armfazh in #440
• Add tkn20 benchmarks by @tanyav2 in #442
• Add partially blind RSA implementation by @chris-wood in #445
• Update doc.go by @nadimkobeissi in #447
• tss/rsa: key generation for threshold RSA (safe primes) by @armfazh in #450
• Bumping Go version for CI jobs. by @armfazh in #457
• Spelling by @jsoref in #456
• blindrsa: updating blindrsa to be compliant with RFC9474 by @armfazh in #464
• Releasing CIRCL v1.3.6 by @armfazh in #465

New Contributors

• @nadimkobeissi made their first contribution in #447
• @jsoref made their first contribution in #456

Full Changelog: v1.3.3...v1.3.6

CIRCL v1.3.3

New Features

• ASCON light-weight authenticated encryption.
• Hybrid KEM for HPKE based on Kyber and X25519.
• CIRCL can be compiled both as static and dynamic linking modes.

Security

• Fixes error-handling on rand readers.

What's Changed

• Use untyped consts for Kyber params by @tmthrgd in #398
• zk/dl: adds prefixed labels and updates nomenclature. by @armfazh in #396
• Bumping Go version. by @armfazh in #399
• kem: add P-256 + Kyber768Draft00 hybrid by @bwesterb in #402
• ckem: pass xof to elliptic.GenerateKey directly by @bwesterb in #403
• Adding Ascon, an AEAD lightweight cipher. by @armfazh in #400
• Add Ascon-80pq to cipher\ascon by @dhcgn in #404
• ascon: update formulas and check for API compatibility by @armfazh in #406
• all: enables dynamic linking, removes R15 is clobbered by @armfazh in #407
• ascon: Removes table of constants. by @armfazh in #408
• tkn20: prevent panics on key gen errors by @tmthrgd in #409
• expander,tkn20: remove superfluous Reset calls by @tmthrgd in #410
• Updating stdlib crypto library. by @armfazh in #413
• Reduce x/crypto and x/sys versions to match Go 1.20 by @Lekensteyn in #414
• Make ascon cipher go routine safe by @enj in #416
• tkn20,kyber,x25519,x448: plug constant-time leaks by @tmthrgd in #411
• Check for crypto/rand errors and ReadFull io.Readers by @bwesterb in #417
• Fix encapsulation seed size by @chris-wood in #419
• Add X25519Kyber768Draft00 experimental HPKE KEM by @chris-wood in #421
• hpke: Adding NonceSize function to AEAD. by @armfazh in #424
• hpke: Address always nil parameter. by @armfazh in #425
• hpke: update and move xyber768d00 test vectors by @bwesterb in #426
• hpke: fix encapsulation seed in test for xyber by @bwesterb in #428
• Remove scalar sha3 amd64 assembly by @bwesterb in #429
• Add HPKE benchmarks by @chris-wood in #434

New Contributors

• @tmthrgd made their first contribution in #398
• @dhcgn made their first contribution in #404
• @Lekensteyn made their first contribution in #414
• @enj made their first contribution in #416

Full Changelog: v1.3.2...v1.3.3

CIRCL v1.3.2

What's Changed

• oprf: Updating test vectors for VOPRF rc-rfc. by @armfazh in #388
• abe: Make golden files for cpabe. by @armfazh in #392
• abe: Improve test clarity by @tanyav2 in #393
• tkn20: change seed size for MAC key from 128->448 bits in accordance … by @tanyav2 in #394
• tss/rsa: Fixes RSA signature size. by @armfazh in #395
• Releasing v1.3.2 by @armfazh in #397

Full Changelog: v1.3.1...v1.3.2

CIRCL v1.3.1

What's Changed

• tkn20: Don't build outdated source file by @bwesterb in #386

Full Changelog: v1.3.0...v1.3.1

CIRCL v1.3.0

New Features

• CPABE: A ciphertext-policy attribute-based encryption based on TKN19 paper.
• Blind RSA signatures.
• Schnorr and DLEQ proofs of knowledge on elliptic curve groups.

Security

• SIDH/SIKE was deprecated. This applies to dh and kem packages.

What's Changed

• kem/hybrid: Remove restriction on seed sizes by @bwesterb in #342
• Updates OPRF test vectors to draft v10. by @armfazh in #344
• kem: add Kyber768X25519 by @bwesterb in #346
• kyber/ntt: fix documentation typos by @bwesterb in #347
• Use plain X{25519,448} for PQ hybrids instead of HPKE by @bwesterb in #351
• Add benchmarks for all OPRF suites (including a new Ristretto255 suite) by @chris-wood in #350
• chore: bump macos runner version by @renbaoshuo in #352
• group: adds a method to retrieve the group. by @armfazh in #354
• group: adds conditional move and select to group. by @armfazh in #353
• group: document group interface by @armfazh in #355
• sidh: deprecates sidh and sike packages. by @armfazh in #359
• Removes dependency on io/ioutil as is deprecated. by @armfazh in #361
• Formatting files with new go1.19 fmt tool. by @armfazh in #362
• tests: fixes ci to fail fast by @armfazh in #363
• math: adds polynomials and Lagrange polynomials. by @armfazh in #357
• dilithium: fix typo by @bwesterb in #366
• Bumping up to go 1.19 version. by @armfazh in #368
• Bumping linter to v1.49 by @armfazh in #369
• sidh: updates multiplication and reduction mod p434 by @armfazh in #235
• dleq: Moves dleq to new top-level zero-knowledge package. by @armfazh in #372
• Add Scalar/SetBigInt function by @chris-wood in #377
• Add deterministic blind RSA verifier by @chris-wood in #379
• Adding CodeQL analyzer by @armfazh in #380
• Add TKN20 ciphertext-policy attribute based encryption scheme by @tanyav2 in #381
• Updating readme for v1.3.0. by @armfazh in #382

New Contributors

• @renbaoshuo made their first contribution in #352
• @jbis9051 made their first contribution in #364
• @tanyav2 made their first contribution in #381

Full Changelog: v1.2.0...v1.3.0

CIRCL v1.2.0

Security

• Included countermeasures against Hertzbleed attack.

What's Changed

• group: add SetUint64 method to Group.Scalar. by @armfazh in #301
• group/ristretto255: use SetUint64 instead of SetBigInt by @bwesterb in #302
• oprf: updates test vectors to draft voprf-v8 by @armfazh in #300
• Move expander out of the group package. by @armfazh in #304
• group: adds a function for sampling non-zero scalars. by @armfazh in #305
• Add blind RSA protocol support by @chris-wood in #308
• Verify the signatures for sanity's sake by @chris-wood in #309
• bls12: Adding hashing to G2 by @armfazh in #299
• Pad blind RSA protocol messages to fixed modulus width by @chris-wood in #310
• Performs modular reduction for all scalars. by @armfazh in #315
• Added implementation of FrodoKEM-640-SHAKE-CCA. by @xvzcf in #311
• Expose randomly generated values for Blind RSA (salt and blind) by @chris-wood in #320
• oprf: update API and test vectors to draft v09 by @armfazh in #319
• Export Group and Hash for each OPRF suite by @chris-wood in #323
• Add deterministic Blind function by @chris-wood in #324
• Add functions to retrieve params of a Suite. by @armfazh in #325
• all: formatting code with golangci-lint by @armfazh in #321
• group: adds Set/Copy methods for group elements and scalars by @armfazh in #326
• Enable Ristretto255 for OPRFs. by @armfazh in #322
• Bumping up to Go1.18 by @armfazh in #327
• Refactoring FrodoKEM implementation. by @xvzcf in #328
• Bump golangci-lint to v1.45 and format files with gofumpt by @armfazh in #333
• Update version of github actions by @armfazh in #332
• Update with latest RSA from go stdlib by @armfazh in #331
• Moving golangci-lint to v1.46 by @armfazh in #334
• Wait for amd64 job succeds to run other jobs. by @armfazh in #337
• sike mitigation with test cases by @zhdllwyc in #336
• Formatting auto-generated code. by @armfazh in #338
• Format templates using gtfmt tool by @armfazh in #339
• Format generated files. by @armfazh in #340

New Contributors

• @xvzcf made their first contribution in #311
• @zhdllwyc made their first contribution in #336

Full Changelog: v1.1.0...v1.2.0

v1.1.0

What's Changed

New algorithms

Groups based on Elliptic Curves

• P-256, P-384, P-521, FIPS 186-4
• Ristretto
• Hash to Curve

High-Level Protocols

• Bilinear pairings with BLS12-381.
• HPKE: Hybrid Public-Key Encryption
• VOPRF: Verifiable Oblivious Pseudorandom function.

Post-Quantum Key Encapsulation Methods

• SIDH/SIKE: Supersingular Key Encapsulation with rimes p434, p503, p751
• CSIDH: Post-Quantum Commutative Group Action
• Kyber KEM: modes 512, 768, 1024

Post-Quantum Public-Key Encryption

• Kyber PKE: modes 512, 768, 1024

Post-Quantum Digital Signature Schemes

• Dilithium: modes 2, 3, 5

Elliptic Curves

• P-384 Curve
• FourQ
• Goldilocks

Parallel SIMD

• Keccak f1600 Permutation

XOF: eXtendable Output Functions

• FIPS 202: SHAKE128 and SHAKE256
• BLAKE2X: BLAKE2XB and BLAKE2XS

New Contributors

• @claucece made their first contribution in #79
• @bwesterb made their first contribution in #86
• @dougnukem made their first contribution in #88
• @jbampton made their first contribution in #127
• @chris-wood made their first contribution in #181
• @mkocikowski made their first contribution in #209

Full Changelog: v1.0.0...v1.1.0

Initial Release

Crypto Week 2019 Release