CHANGES: mention blinding reverting in ECDSA.

author Andy Polyakov <appro@openssl.org>

Thu, 26 Jul 2018 12:38:53 +0000 (14:38 +0200)

committer Andy Polyakov <appro@openssl.org>

Fri, 27 Jul 2018 12:50:35 +0000 (14:50 +0200)
author Andy Polyakov <appro@openssl.org>
Thu, 26 Jul 2018 12:38:53 +0000 (14:38 +0200)
committer Andy Polyakov <appro@openssl.org>
Fri, 27 Jul 2018 12:50:35 +0000 (14:50 +0200)
diff --git a/CHANGES b/CHANGES

index 148960a36e5f65ccab810d33836bf0cde4f6ec3b..277654dc7e54945000aafbfaa913f8fe6f6beb62 100644 (file)
--- a/CHANGES
+++ b/CHANGES
@@ -9,6 +9,10 @@
  
   Changes between 1.1.0h and 1.1.0i [xx XXX xxxx]
  
+  *) Revert blinding in ECDSA sign and instead make problematic addition
+     length-invariant. Switch even to fixed-length Montgomery multiplication.
+     [Andy Polyakov]
+
    *) Change generating and checking of primes so that the error rate of not
       being prime depends on the intended use based on the size of the input.
       For larger primes this will result in more rounds of Miller-Rabin.
author	Andy Polyakov <appro@openssl.org>
	Thu, 26 Jul 2018 12:38:53 +0000 (14:38 +0200)
committer	Andy Polyakov <appro@openssl.org>
	Fri, 27 Jul 2018 12:50:35 +0000 (14:50 +0200)