[Botan-announce] Botan 2.8.0 released

Jack Lloyd jack at randombit.net
Mon Oct 1 11:23:39 EDT 2018


I'm pleased to announce Botan 2.8.0 has been released. Notable changes include

 - TLS v1.0 and v1.1 protocols (as well as DTLS v1.0) are DISABLED BY DEFAULT
   starting in this release. In addition the CBC and CCM TLS ciphersuites are
   also disabled by default. There is no reason to ever use the CBC ciphersuites
   in TLS v1.2, and CCM is only for niche IOT uses. Some applications may need
   to modify their TLS policies in order to explicitly enable these
   versions/suites.

 - Added support for using Apple's CommonCrypto library for hashing and
   symmetric ciphers. This may provide notable performance improvements for iOS
   applications, depending on what the hardware supports.

 - Added support for XChaCha stream cipher and XChaCha20Poly1305 AEAD.

 - New AVX2 implementations of ChaCha and Serpent.

 - Addition of a new interface for password hashing that supports Scrypt (which
   current PBKDF interface does not) and will be able to support Argon2 and
   other schemes in the future.

 - Addition of a Lucas test during primality testing, which effectively
   eliminates any chance of incorrectly accepting a composite as prime, even
   when using only a small number of Miller-Rabin iterations.

 - Many improvements and extensions to the C binding to support new users such
   as the Rust binding (https://crates.io/crates/botan) and strongSwan plugin.

 - Many improvements to the Python module (new features, better error checking, etc)

 - Hardening of default password hash params: bcrypt now uses work factor 12 by
   default (was 10), passhash9 defaults to 150K PBKDF2 iterations (was 100K).

Plus many smaller features, bug fixes, and optimizations documented in the
release notes https://botan.randombit.net/news.html#version-2-8-0-2018-10-01

Please note this is the last release that will support Visual C++ 2013, and for
this release, if building under VC 2013, you must use the flag
--ack-vc2013-deprecated at configure time.

https://botan.randombit.net/releases/Botan-2.8.0.tgz
https://botan.randombit.net/releases/Botan-2.8.0.tgz.asc
SHA-256 e7159b127e91e0c158245d61c638c50d443ec7b440b6b0161328c47b3aba3960

Best,
  Jack


More information about the botan-announce mailing list