projects / openssl.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Document when a new session ticket gets created on resumption
[openssl.git] / CHANGES
diff --git a/CHANGES b/CHANGES
index 742b673aa6353cdd5daf7b2063fbd00a628e02b2..e8b92ccc0267a5cd4a5d72d69ce9213b02d98992 100644 (file)
--- a/CHANGES
+++ b/CHANGES
@@ -9,6 +9,10 @@
 
  Changes between 1.1.0h and 1.1.1 [xx XXX xxxx]
 
+  *) Apply blinding to binary field modular inversion and remove patent
+     pending (OPENSSL_SUN_GF2M_DIV) BN_GF2m_mod_div implementation.
+     [Billy Bob Brumley]
+
   *) Deprecate ec2_mult.c and unify scalar multiplication code paths for
      binary and prime elliptic curves.
      [Billy Bob Brumley]
@@ -17,6 +21,14 @@
      constant time fixed point multiplication.
      [Billy Bob Brumley]
 
+  *) Revise elliptic curve scalar multiplication with timing attack
+     defenses: ec_wNAF_mul redirects to a constant time implementation
+     when computing fixed point and variable point multiplication (which
+     in OpenSSL are mostly used with secret scalars in keygen, sign,
+     ECDH derive operations).
+     [Billy Bob Brumley, Nicola Tuveri, Cesar Pereida GarcĂ­a,
+      Sohaib ul Hassan]
+
   *) Updated CONTRIBUTING
      [Rich Salz]
 
Unnamed repository; edit this file 'description' to name the repository.