Hello, I've just released gnutls 3.2.0. This release significantly improves the performance of gnutls in two ways. The new elliptic curve implementation of nettle 2.7 is used which improves performance by a factor of 2 (thanks to Niels Moeller), and on the ciphersuite level the (currently) private ciphersuites with Salsa20 and UMAC-96 are defined, giving a performance boost compared to any ARCFOUR or AES based ciphersuites. The new ciphersuites also provide a solution to the recent attacks in TLS that compromise the security of CBC-based ciphersuites and ARCFOUR. Note that since these are private --i.e., gnutls-specific-- ciphersuites they are not enabled by default.
In addition on this release all support for the so-called EXPORT ciphersuites is dropped. * Version 3.2.0 (released 2013-05-10) ** libgnutls: Use nettle's elliptic curve implementation. ** libgnutls: Added Salsa20 cipher ** libgnutls: Added UMAC-96 and UMAC-128 ** libgnutls: Added ciphersuites involving Salsa20 and UMAC-96. As they are not standardized they are defined using private ciphersuite numbers. ** libgnutls: Added support for DTLS 1.2. ** libgnutls: Added support for the Application Layer Protocol Negotiation (ALPN) extension. ** libgnutls: Removed support for the RSA-EXPORT ciphersuites. ** libgnutls: Avoid linking to librt (that also avoids unnecessary linking to pthreads if p11-kit isn't used). ** API and ABI modifications: gnutls_cipher_get_iv_size: Added gnutls_hmac_set_nonce: Added gnutls_mac_get_nonce_size: Added Getting the Software ==================== GnuTLS may be downloaded directly from <ftp://ftp.gnutls.org/gcrypt/gnutls/>. A list of GnuTLS mirrors can be found at <http://www.gnutls.org/download.html>. Here are the XZ and LZIP compressed sources: ftp://ftp.gnutls.org/gcrypt/gnutls/v3.2/gnutls-3.2.0.tar.xz ftp://ftp.gnutls.org/gcrypt/gnutls/v3.2/gnutls-3.2.0.tar.lz Here are OpenPGP detached signatures signed using key 0x96865171: ftp://ftp.gnutls.org/gcrypt/gnutls/v3.2/gnutls-3.2.0.tar.xz.sig ftp://ftp.gnutls.org/gcrypt/gnutls/v3.2/gnutls-3.2.0.tar.lz.sig Note that it has been signed with my openpgp key: pub 3104R/96865171 2008-05-04 [expires: 2028-04-29] uid Nikos Mavrogiannopoulos <nmav <at> gnutls.org> uid Nikos Mavrogiannopoulos <n.mavrogiannopoulos <at> gmail.com> sub 2048R/9013B842 2008-05-04 [expires: 2018-05-02] sub 2048R/1404A91D 2008-05-04 [expires: 2018-05-02] regards, Nikos _______________________________________________ Gnutls-help mailing list [email protected] http://lists.gnupg.org/mailman/listinfo/gnutls-help
