Skip to content

Commit

Permalink
0.10.0 release (#1734)
Browse files Browse the repository at this point in the history
* Bump version string, add release notes, dates, and update support level

Signed-off-by: Michael Baentsch <57787676+baentsch@users.noreply.github.com>

---------

Signed-off-by: Michael Baentsch <57787676+baentsch@users.noreply.github.com>
Co-authored-by: Spencer Wilson <spencer.wilson@uwaterloo.ca>
Co-authored-by: Michael Baentsch <57787676+baentsch@users.noreply.github.com>
  • Loading branch information
3 people authored Mar 23, 2024
1 parent d183ed3 commit 36be574
Show file tree
Hide file tree
Showing 3 changed files with 83 additions and 61 deletions.
2 changes: 1 addition & 1 deletion CMakeLists.txt
Original file line number Diff line number Diff line change
Expand Up @@ -34,7 +34,7 @@ set(CMAKE_C_STANDARD 11)
set(CMAKE_C_STANDARD_REQUIRED ON)
set(CMAKE_POSITION_INDEPENDENT_CODE ON)
set(CMAKE_C_VISIBILITY_PRESET hidden)
set(OQS_VERSION_TEXT "0.10.0-dev")
set(OQS_VERSION_TEXT "0.10.0")
set(OQS_COMPILE_BUILD_TARGET "${CMAKE_SYSTEM_PROCESSOR}-${CMAKE_HOST_SYSTEM}")
set(OQS_MINIMAL_GCC_VERSION "7.1.0")
set(CMAKE_EXPORT_COMPILE_COMMANDS ON)
Expand Down
133 changes: 79 additions & 54 deletions RELEASE.md
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
liboqs version 0.9.0
====================
liboqs version 0.10.0
=====================

About
-----
Expand Down Expand Up @@ -28,78 +28,103 @@ liboqs can also be used in the following programming languages via language-spec
Release notes
=============

This is version 0.9.0 of liboqs. It was released on October 12, 2023.
This is version 0.10.0 of liboqs. It was released on March 20, 2024.

This release features an update to the Classic McEliece KEM, bringing it in line with NIST Round 4. It also adds or updates ARM implementations for Kyber, Dilithium, and Falcon.
This release adds support for ML-KEM (previously known as CRYSTALS-Kyber) and ML-DSA (previously known as CRYSTALS-Dilithium), based on the initial public drafts of [FIPS 203](https://csrc.nist.gov/pubs/fips/203/ipd) and [FIPS 204](https://csrc.nist.gov/pubs/fips/204/ipd), respectively. OQS continues to support the NIST Round 3 versions of Kyber and Dilithium for interoperability purposes. This release additionally updates HQC to the NIST Round 4 version and adds support for fixed-length Falcon signatures.

What's New
----------

This release continues from the 0.8.0 release of liboqs.
This release continues from the 0.9.2 release of liboqs.

### Key encapsulation mechanisms

- Classic McEliece: updated to Round 4 version.
- Kyber: aarch64 implementation updated.
- BIKE: Updated portable C implementation to include constant-time fixes from upstream.
- HQC: Updated to NIST Round 4 version.
- ML-KEM: Added portable C and AVX2 implementations of Initial Public Draft (IPD) versions of ML-KEM-512, ML-KEM-768, and ML-KEM-1024.

### Digital signature schemes

- Dilithium: aarch64 implementation updated.
- Falcon: aarch64 implementation added.
- Falcon: Updated portable C, AVX2, and AArch64 implementations to support fixed-length (PADDED-format) signatures. Fixed the maximum length of variable-length signatures to comply with the NIST Round 3 specification.
- ML-DSA: Added portable C and AVX2 implementations of Initial Public Draft (IPD) versions of ML-DSA-44, ML-DSA-65, and ML-DSA-87.

### Other changes

- Update algorithm documentation
- Support compilation for Windows on ARM64, Apple mobile, and Android platforms
- Improve resilience of randombytes on Apple systems

Release call
============

Users of liboqs are invited to join a webinar on Thursday, November 2, 2023, from 12-1pm US Eastern time for information on this release, plans for the next release cycle, and to provide feedback on OQS usage and features.

The Zoom link for the webinar is: https://uwaterloo.zoom.us/j/98288698086
- Improved thread safety.
- Added uninstall support via `ninja uninstall`
- Documented platforms by support tier in PLATFORMS.md.
- Added support for Zephyr RTOS.
- Improved support for macOS on Apple Silicon.
- Removed support for the "NIST-KAT" DRBG.
- Added extended KAT test programs.

---

Detailed changelog
------------------

* Fix libdir value in liboqs.pc by @vt-alt in https://github.com/open-quantum-safe/liboqs/pull/1496
* update version and remove CCI triggers by @baentsch in https://github.com/open-quantum-safe/liboqs/pull/1498
* create deb package and retain as artifact by @baentsch in https://github.com/open-quantum-safe/liboqs/pull/1501
* README correction to docs path & additional gitignore to macos + vscode by @planetf1 in https://github.com/open-quantum-safe/liboqs/pull/1503
* Trigger liboqs-python CI via GitHub API by @SWilson4 in https://github.com/open-quantum-safe/liboqs/pull/1507
* Update Classic McEliece by @praveksharma in https://github.com/open-quantum-safe/liboqs/pull/1470
* update BIKE documentation by @baentsch in https://github.com/open-quantum-safe/liboqs/pull/1509
* kyber/dilithium aarch64 pull from pqclean + patches by @bhess in https://github.com/open-quantum-safe/liboqs/pull/1512
* Pull Falcon updates from PQClean by @dstebila in https://github.com/open-quantum-safe/liboqs/pull/1523
* Bump XCode by @baentsch in https://github.com/open-quantum-safe/liboqs/pull/1526
* Update Classic McEliece supression files by @praveksharma in https://github.com/open-quantum-safe/liboqs/pull/1527
* Bump gitpython from 3.1.30 to 3.1.32 in /scripts/copy_from_upstream by @dependabot in https://github.com/open-quantum-safe/liboqs/pull/1524
* ci: add CI for android by @res0nance in https://github.com/open-quantum-safe/liboqs/pull/1531
* re-enable armhf speed testing by @baentsch in https://github.com/open-quantum-safe/liboqs/pull/1535
* Bump gitpython from 3.1.32 to 3.1.34 in /scripts/copy_from_upstream by @dependabot in https://github.com/open-quantum-safe/liboqs/pull/1538
* Prefer arc4random on Apple platforms by @res0nance in https://github.com/open-quantum-safe/liboqs/pull/1544
* Bump gitpython from 3.1.34 to 3.1.35 in /scripts/copy_from_upstream by @dependabot in https://github.com/open-quantum-safe/liboqs/pull/1551
* Update Classic McEliece suppression files by @praveksharma in https://github.com/open-quantum-safe/liboqs/pull/1541
* Pull Neon implementation of Falcon from PQClean by @SWilson4 in https://github.com/open-quantum-safe/liboqs/pull/1547
* ci: add CI for apple mobile platforms by @res0nance in https://github.com/open-quantum-safe/liboqs/pull/1546
* Add Windows ARM64 support by @res0nance in https://github.com/open-quantum-safe/liboqs/pull/1545
* Document Falcon constant time errors by @praveksharma in https://github.com/open-quantum-safe/liboqs/pull/1552
* ci: github actions CI for Windows x86 and x64 by @res0nance in https://github.com/open-quantum-safe/liboqs/pull/1554
* build: Align VS test folder with all other Generators by @res0nance in https://github.com/open-quantum-safe/liboqs/pull/1557
* Fix weekly.yml to skip McEliece by @praveksharma in https://github.com/open-quantum-safe/liboqs/pull/1562
* Enable extensions in constant-time tests by @SWilson4 in https://github.com/open-quantum-safe/liboqs/pull/1567
* Update Classic McEliece supression files by @praveksharma in https://github.com/open-quantum-safe/liboqs/pull/1568
* liboqs 0.9.0 release candidate 1 by @SWilson4 in https://github.com/open-quantum-safe/liboqs/pull/1570
* add community standard documentation [skip ci] by @baentsch in https://github.com/open-quantum-safe/liboqs/pull/1565
* Bump gitpython from 3.1.35 to 3.1.37 in /scripts/copy_from_upstream by @dependabot in https://github.com/open-quantum-safe/liboqs/pull/1575
* PR template update & OpenSSL clarification by @baentsch in https://github.com/open-quantum-safe/liboqs/pull/1582
* Use CMAKE_USE_PTHREADS_INIT by @zxjtan in https://github.com/open-quantum-safe/liboqs/pull/1576
* Add section to CONFIGURE.md link by @iyanmv in https://github.com/open-quantum-safe/liboqs/pull/1578
* Run copy_from_upstream and test by @baentsch in https://github.com/open-quantum-safe/liboqs/pull/1589
* Support several pqclean upstream versions by @baentsch in https://github.com/open-quantum-safe/liboqs/pull/1595
* Call Keccak_(X4_)Dispatch with pthread_once by @zxjtan in https://github.com/open-quantum-safe/liboqs/pull/1549
* minor updates by @vsoftco in https://github.com/open-quantum-safe/liboqs/pull/1600
* Pull new HQC implementation from upstream by @SWilson4 in https://github.com/open-quantum-safe/liboqs/pull/1585
* add uninstall support by @baentsch in https://github.com/open-quantum-safe/liboqs/pull/1604
* Ensure generic OQS_OPT_TARGET in weekly CT tests by @SWilson4 in https://github.com/open-quantum-safe/liboqs/pull/1618
* update .travis.yml by @bhess in https://github.com/open-quantum-safe/liboqs/pull/1629
* Pull latest Kyber version from upstream by @bhess in https://github.com/open-quantum-safe/liboqs/pull/1631
* platform support documentation [skip ci] by @baentsch in https://github.com/open-quantum-safe/liboqs/pull/1605
* Add support for Zephyr RTOS by @Frauschi in https://github.com/open-quantum-safe/liboqs/pull/1621
* Apply patch to Kyber aarch64 code from PQClean for variable-time division issue. by @bhess in https://github.com/open-quantum-safe/liboqs/pull/1636
* Fix BIKE constant-time errors by @SWilson4 in https://github.com/open-quantum-safe/liboqs/pull/1632
* Fix falcon constant time check in Valgrind by @cothan in https://github.com/open-quantum-safe/liboqs/pull/1646
* Correct cmake version requirement by @baentsch in https://github.com/open-quantum-safe/liboqs/pull/1643
* Pull Kyber division fixes from PQ-Crystals into main by @praveksharma in https://github.com/open-quantum-safe/liboqs/pull/1649
* Bump gitpython from 3.1.37 to 3.1.41 in /scripts/copy_from_upstream by @dependabot in https://github.com/open-quantum-safe/liboqs/pull/1659
* Zephyr: fixes for platform support by @Frauschi in https://github.com/open-quantum-safe/liboqs/pull/1658
* Bump jinja2 from 2.11.3 to 3.1.3 in /scripts/copy_from_upstream by @dependabot in https://github.com/open-quantum-safe/liboqs/pull/1661
* Riscv zephyr support by @trigpolynom in https://github.com/open-quantum-safe/liboqs/pull/1641
* Zephyr: CMake fixes by @Frauschi in https://github.com/open-quantum-safe/liboqs/pull/1664
* Clarify that copyright is held by authors and not the project itself [skip ci] by @dstebila in https://github.com/open-quantum-safe/liboqs/pull/1668
* Make internal API available to (only) test programs by @SWilson4 in https://github.com/open-quantum-safe/liboqs/pull/1667
* Remove reference to old BIKE variants from CONFIGURE.md [skip ci] by @SWilson4 in https://github.com/open-quantum-safe/liboqs/pull/1669
* Add a document describing our subproject governance by @dstebila in https://github.com/open-quantum-safe/liboqs/pull/1675
* Set the correct compile flag for the memory sanitizer build by @SWilson4 in https://github.com/open-quantum-safe/liboqs/pull/1680
* Test against all 100 KAT values by @SWilson4 in https://github.com/open-quantum-safe/liboqs/pull/1560
* Update BIKE documentation to exclude x86 by @SWilson4 in https://github.com/open-quantum-safe/liboqs/pull/1679
* find_package(Threads) regardless of BUILD_ONLY_LIB by @zxjtan in https://github.com/open-quantum-safe/liboqs/pull/1653
* Call set_available_cpu_extensions using pthread_once by @zxjtan in https://github.com/open-quantum-safe/liboqs/pull/1671
* Discontinue AppVeyor CI testing by @SWilson4 in https://github.com/open-quantum-safe/liboqs/pull/1682
* Run oqs-provider release tests in CI on release candidate branches by @SWilson4 in https://github.com/open-quantum-safe/liboqs/pull/1654
* Fix link in GOVERNANCE.md by @Martyrshot in https://github.com/open-quantum-safe/liboqs/pull/1686
* Rename weekly runs and skip Falcon-1024 [skip ci] by @SWilson4 in https://github.com/open-quantum-safe/liboqs/pull/1684
* Update McEliece suppression files for generic config by @SWilson4 in https://github.com/open-quantum-safe/liboqs/pull/1677
* Update SPHINCS+ "clean" suppression files by @SWilson4 in https://github.com/open-quantum-safe/liboqs/pull/1683
* Update Sphincs+ Markdown documentation from YAML by @SWilson4 in https://github.com/open-quantum-safe/liboqs/pull/1690
* properly document release support level [skip ci] by @baentsch in https://github.com/open-quantum-safe/liboqs/pull/1688
* set(OQS_USE_PTHREADS OFF) on MinGW/Cygwin by @zxjtan in https://github.com/open-quantum-safe/liboqs/pull/1695
* Fix cross compilation and test in CI by @SWilson4 in https://github.com/open-quantum-safe/liboqs/pull/1696
* update brew install instructions to use openssl@3 instead of openssl@1.1.1 [skip ci] by @Martyrshot in https://github.com/open-quantum-safe/liboqs/pull/1701
* Add ML-DSA-ipd and ML-KEM-ipd & NIST supplied test vectors by @bhess in https://github.com/open-quantum-safe/liboqs/pull/1626
* Small fixes after adding ML-\* by @bhess in https://github.com/open-quantum-safe/liboqs/pull/1702
* Move MacOS CI tests to GitHub Actions; add M1 CI tests by @SWilson4 in https://github.com/open-quantum-safe/liboqs/pull/1709
* Update liboqs readme to point to oqs-provider instead of deprecated openssl1.1.1 fork [skip ci] by @Martyrshot in https://github.com/open-quantum-safe/liboqs/pull/1699
* Fix for the Zephyr CI tests by @Frauschi in https://github.com/open-quantum-safe/liboqs/pull/1714
* remove references to unsupported openssh [skip ci] by @baentsch in https://github.com/open-quantum-safe/liboqs/pull/1713
* fix documentation generation by @baentsch in https://github.com/open-quantum-safe/liboqs/pull/1715
* Support Falcon PADDED format by @SWilson4 in https://github.com/open-quantum-safe/liboqs/pull/1710
* Fix for alg_support.cmake by @bhess in https://github.com/open-quantum-safe/liboqs/pull/1716
* Fix SPHINCS+ naming in CT tests [skip ci] by @SWilson4 in https://github.com/open-quantum-safe/liboqs/pull/1720
* improve algorithm documentation [skip ci] by @baentsch in https://github.com/open-quantum-safe/liboqs/pull/1721
* Always build "internal" library as static by @SWilson4 in https://github.com/open-quantum-safe/liboqs/pull/1725

## New Contributors
* @planetf1 made their first contribution in https://github.com/open-quantum-safe/liboqs/pull/1503
* @SWilson4 made their first contribution in https://github.com/open-quantum-safe/liboqs/pull/1507
* @praveksharma made their first contribution in https://github.com/open-quantum-safe/liboqs/pull/1470
* @res0nance made their first contribution in https://github.com/open-quantum-safe/liboqs/pull/1531
* @zxjtan made their first contribution in https://github.com/open-quantum-safe/liboqs/pull/1576
* @iyanmv made their first contribution in https://github.com/open-quantum-safe/liboqs/pull/1578
* @Frauschi made their first contribution in https://github.com/open-quantum-safe/liboqs/pull/1621
* @cothan made their first contribution in https://github.com/open-quantum-safe/liboqs/pull/1646
* @trigpolynom made their first contribution in https://github.com/open-quantum-safe/liboqs/pull/1641

**Full Changelog**: https://github.com/open-quantum-safe/liboqs/compare/0.8.0...0.9.0
**Full Changelog**: https://github.com/open-quantum-safe/liboqs/compare/0.9.2...0.10.0
9 changes: 3 additions & 6 deletions SECURITY.md
Original file line number Diff line number Diff line change
Expand Up @@ -4,15 +4,12 @@

We only support the most recent release.

Using any prior code is strongly discouraged due to a [known security vulnerability in Kyber](https://github.com/open-quantum-safe/liboqs/releases/tag/0.9.2).
Using any code prior to 0.9.2 is strongly discouraged due to a [known security vulnerability in Kyber](https://github.com/open-quantum-safe/liboqs/releases/tag/0.9.2).

| Version | Supported |
| ------- | ------------------ |
| 0.9.2 | :white_check_mark: |
| 0.9.1 | :x: |
| 0.9.0 | :x: |
| 0.8.0 | :x: |
| < 0.8 | :x: |
| 0.10.0 | :white_check_mark: |
| < 0.10 | :x: |

## Reporting a Vulnerability
Please follow [this information to report a vulnerability](https://openquantumsafe.org/liboqs/security.html#reporting-security-bugs).
Expand Down

0 comments on commit 36be574

Please sign in to comment.