openSUSE Build Service

File liboqs.changes of Package liboqs

-------------------------------------------------------------------
Thu Apr 17 16:03:16 UTC 2025 - Marcus Meissner <meissner@suse.com>

- Updated to 0.13.0:
- Key encapsulation mechanisms
- New API: Added a deterministic key generation and API for KEMs (only ML-KEM supported at the moment).
- ML-KEM: Changed the default ML-KEM implementation to [PQCP's mlkem-native](https://github.com/pq-code-package/mlkem-native). There are three variants: Portable C, AVX2, and AArch64. Large +parts of these implementations are formally verified: all of the C code is verified for memory and type safety using [CBMC](https://github.com/diffblue/cbmc) and the functional correctness +of the core AArch64 assembly routines is verified using [HOL-Light](https://github.com/jrh13/hol-light).
- ML-KEM: Added support for the ML-KEM implementation from [Nvidia cuPQC](https://developer.nvidia.com/cupqc), a GPU accelerated cryptography library.
- ML-KEM: Implementation from mlkem-native upstream updated to add Pair-wise Consistency Test (PCT) and Intel CET support.
- ML-KEM: Improved testing of ML-KEM keys.
- HQC: Disabled HQC by default until [a new security flaw](https://groups.google.com/a/list.nist.gov/g/pqc-forum/c/Wiu4ZQo3fP8) is fixed.

- Digital signature schemes
- ML-DSA: Improved testing for ML-DSA.
- CROSS: Updated to NIST Additional Signatures Round 2 version.
- MAYO: Updated to NIST Additional Signatures Round 2 version.
- UOV: Added support for UOV algorithm from NIST Additional Signatures Round 2.

-------------------------------------------------------------------
Tue Dec 10 07:51:25 UTC 2024 - Marcus Meissner <meissner@suse.com>

- Updated to 0.12.0:
- This release updates the ML-DSA implementation to the [final
FIPS 204](https://csrc.nist.gov/pubs/fips/204/final) version. This
release still includes the NIST Round 3 version of Dilithium for
interoperability purposes, but we plan to remove Dilithium Round 3 in
a future release.

- This will be the last release of liboqs to include Kyber (that is,
the NIST Round 3 version of Kyber, prior to its standardization by NIST
as ML-KEM in FIPS 203). Applications should switch to ML-KEM (FIPS 203).

- The addition of ML-DSA FIPS 204 final version to liboqs has
introduced a new signature API which includes a context string
parameter. We are planning to remove the old version of the API
without a context string in the next release to streamline the
API and bring it in line with NIST specifications. Users who
have an opinion on this removal are invited to provide input at
https://github.com/open-quantum-safe/liboqs/issues/2001.

Security issues:

- CVE-2024-54137: Fixed bug in HQC decapsulation that leads to incorrect
shared secret value during decapsulation when called with an invalid
ciphertext. (bsc#1234292)

-------------------------------------------------------------------
Sun Sep 29 09:48:19 UTC 2024 - Marcus Meissner <meissner@suse.com>

- Updated to 0.11.0:
* This release updates ML-KEM implementations to their final FIPS 203
https://csrc.nist.gov/pubs/fips/203/final versions .
* This release still includes the NIST Round 3 version of Kyber for
interoperability purposes, but we plan to remove Kyber Round 3 in a
future release.
* Additionally, this release adds support for MAYO and CROSS
digital signature schemes from [NIST Additional Signatures Round 1
https://csrc.nist.gov/Projects/pqc-dig-sig/round-1-additional-signatures
along with stateful hash-based signature schemes XMSS
https://datatracker.ietf.org/doc/html/rfc8391 and LMS
https://datatracker.ietf.org/doc/html/rfc8554.
* Finally, this release provides formally verified
implementations of Kyber-512 and Kyber-768 from libjade
https://github.com/formosa-crypto/libjade/releases/tag/release%2F2023.05-2

* LMS and XMSS are disabled by default due to the security risks associated with their use in software.
See the note on stateful hash-based signatures in CONFIGURE.md

* Key encapsulation mechanisms:

- Kyber: Added formally-verified portable C and AVX2 implementations
of Kyber-512 and Kyber-768 from libjade.
- ML-KEM: Updated portable C and AVX2 implementations of ML-KEM-512,
ML-KEM-768, and ML-KEM-1024 to FIP 203 version.
- Kyber: Patched ARM64 implementations of Kyber-512, Kyber-768, and
Kyber-1024 to work with AddressSanitizer.

* Digital signature schemes:

- LMS/XMSS: Added implementations of stateful hash-based signature
schemes: XMSS and LMS
- MAYO: Added portable C and AVX2 implementations of MAYO signature
scheme from NIST Additional Signatures Round 1.
- CROSS: Added portable C and AVX2 implementations of CROSS signature
scheme from NIST Additional Signatures Round 1.

* Other changes:

- Added callback API to use custom implementations of AES, SHA2, and SHA3.
- Refactor SHA3 implementation to use OpenSSL's EVP_DigestSqueeze() API.

- new library major version 6

-------------------------------------------------------------------
Tue Jun 11 08:39:32 UTC 2024 - Marcus Meissner <meissner@suse.com>

- updated to 0.10.1:
This release is a security release which fixes potential
non-constant-time behaviour in ML-KEM and Kyber. (bsc#1226162
CVE-2024-36405)

It also includes a fix for incorrectly named macros in the ML-DSA
implementation.

-------------------------------------------------------------------
Sat Mar 23 13:40:29 UTC 2024 - Marcus Meissner <meissner@suse.com>

- updated to 0.10.0:
Key encapsulation mechanisms:

- BIKE: Updated portable C implementation to include constant-time fixes from upstream.
- HQC: Updated to NIST Round 4 version.
- ML-KEM: Added portable C and AVX2 implementations of Initial Public Draft (IPD) versions of ML-KEM-512, ML-KEM-768, and ML-KEM-1024.

Digital signature schemes:

- Falcon: Updated portable C, AVX2, and AArch64 implementations to support fixed-length (PADDED-format) signatures. Fixed the maximum length of variable-length signatures to comply with the NIST Round 3 specification.
- ML-DSA: Added portable C and AVX2 implementations of Initial Public Draft (IPD) versions of ML-DSA-44, ML-DSA-65, and ML-DSA-87.

Other changes:

- Improved thread safety.
- Removed support for the "NIST-KAT" DRBG.
- Added extended KAT test programs.
- library major version changed from 4 to 5

-------------------------------------------------------------------
Tue Jan 23 15:19:41 UTC 2024 - Marcus Meissner <meissner@suse.com>

- updated to 0.9.2:
- Fixed potential non-constant-time behaviour in Kyber based on https://github.com/pq-crystals/kyber/commit/272125f6acc8e8b6850fd68ceb901a660ff48196
(bsc#1219614)
- Kyber: C, AVX2, and aarch64 implementation updated

-------------------------------------------------------------------
Sun Dec 24 10:00:49 UTC 2023 - Marcus Meissner <meissner@suse.com>

- updated to 0.9.1:
- Key encapsulation mechanisms

- Kyber: C, AVX2, and aarch64 implementation updated

-------------------------------------------------------------------
Fri Oct 13 07:31:49 UTC 2023 - Marcus Meissner <meissner@suse.com>

- updated to 0.9.0

This release features an update to the Classic McEliece KEM, bringing it
in line with NIST Round 4. It also adds or updates ARM implementations
for Kyber, Dilithium, and Falcon.

- major library version 4

-------------------------------------------------------------------
Thu Jun 8 07:14:12 UTC 2023 - Marcus Meissner <meissner@suse.com>

- updated to 0.8.0
This release features many algorithm updates, including removal
of algorithms and variants no longer proceeding through NIST
standardization and updates to newer versions. See the detailed list
of algorithm updates below.

Key encapsulation mechanisms:

- BIKE: updated to Round 4 version.
- Kyber: 90s variants were removed.
- NTRU Prime: All variants were removed, except for sntrup761.
- Saber: removed.

Digital signature schemes

- Dilithium; AES variants were removed.
- Falcon: updated to the 2023-02-07 version.
- Picnic: removed.
- Rainbow: removed.
- SPHINCS+: updated to version 3.1; SPHINCS+-Haraka variants were removed; SPHINCS+-SHA256 and SPHINCS+-SHAKE variants were renamed

Other changes

- Add Cryptographic Bill of Materials (CBOM)
- Improve building on ARM platforms
- Improve performance when using OpenSSL 3 for symmetric cryptography
- Increment shared object library version
- New configure-time options for algorithm selections
- pkgconfig file now available

- removed 0001-Add-support-for-powerpc64.-1160.patch: upstream
- 0002-Mark-stack-non-executable-when-compiling-with-clang-.patch: upstream

- liboqs is now liboqs.so.3.

-------------------------------------------------------------------
Wed Mar 29 06:38:25 UTC 2023 - Marcus Meissner <meissner@suse.com>

- liboqs-fix-prototypemismatch.patch: fixed uint8_t* vs unsigned char* mismatch
- disable -Werror for now.

-------------------------------------------------------------------
Tue Nov 15 16:10:18 UTC 2022 - Jan Engelhardt <jengelh@inai.de>

- Ship the README.md mentioned in the description.
- Compact descriptions.

-------------------------------------------------------------------
Sat Jul 2 07:21:42 UTC 2022 - Christophe Giboudeaux <christophe@krop.fr>

- Add upstream changes:
* 0001-Add-support-for-powerpc64.-1160.patch
* 0002-Mark-stack-non-executable-when-compiling-with-clang-.patch
- Spec cleanup

-------------------------------------------------------------------
Tue Jan 25 07:48:57 UTC 2022 - Bernhard Wiedemann <bwiedemann@suse.com>

- Stop building with march=native to get reproducible binaries (boo#1100677)

-------------------------------------------------------------------
Sun Jan 2 18:26:29 UTC 2022 - Jan Engelhardt <jengelh@inai.de>

- Trim redundancies from description. Remove old specfile
constructs.

-------------------------------------------------------------------
Fri Nov 12 13:08:09 UTC 2021 - Marcus Meissner <meissner@suse.com>

- initial import of the liboqs Open Quantum Safe library, version 0.7.1

Places

File liboqs.changes of Package liboqs

Places