From: Pauli Date: Tue, 11 Sep 2018 22:42:15 +0000 (+1000) Subject: Add a note to CHANGES indicating that AES-XTS now enforces two different X-Git-Tag: openssl-3.0.0-alpha1~3135 X-Git-Url: https://git.librecmc.org/?a=commitdiff_plain;h=b28bfa7e5685588113a33708477b065d5888283e;p=oweals%2Fopenssl.git Add a note to CHANGES indicating that AES-XTS now enforces two different keys. Reviewed-by: Tim Hudson (Merged from https://github.com/openssl/openssl/pull/7120) --- diff --git a/CHANGES b/CHANGES index d5ed4227cb..657f0cfb23 100644 --- a/CHANGES +++ b/CHANGES @@ -9,7 +9,12 @@ Changes between 1.1.1 and 1.1.2 [xx XXX xxxx] - *) + *) AES-XTS mode now enforces that its two keys are different to mitigate + the attacked described in "Efficient Instantiations of Tweakable + Blockciphers and Refinements to Modes OCB and PMAC" by Phillip Rogaway. + Details of this attack can be obtained from: + http://web.cs.ucdavis.edu/%7Erogaway/papers/offsets.pdf + [Paul Dale] Changes between 1.1.0i and 1.1.1 [11 Sep 2018] @@ -24,13 +29,6 @@ *) Add SM2 base algorithm support. [Jack Lloyd] - *) AES-XTS mode now enforces that its two keys are different to mitigate - the attacked described in "Efficient Instantiations of Tweakable - Blockciphers and Refinements to Modes OCB and PMAC" by Phillip Rogaway. - Details of this attack can be obtained from: - http://web.cs.ucdavis.edu/%7Erogaway/papers/offsets.pdf - [Paul Dale] - *) s390x assembly pack: add (improved) hardware-support for the following cryptographic primitives: sha3, shake, aes-gcm, aes-ccm, aes-ctr, aes-ofb, aes-cfb/cfb8, aes-ecb.