Add a note to CHANGES indicating that AES-XTS now enforces two different

keys. Reviewed-by: N Tim Hudson <tjh@openssl.org> (Merged from https://github.com/openssl/openssl/pull/7120)

Add a note to CHANGES indicating that AES-XTS now enforces two different
keys. Reviewed-by: N Tim Hudson <tjh@openssl.org> (Merged from https://github.com/openssl/openssl/pull/7120)
b28bfa7e · Pauli · 95eda4f0 · b28bfa7e
隐藏空白更改
内联并排

Showing with 6 addition and 8 deletion

CHANGES CHANGES +6 -8

未找到文件。
--- a/CHANGES
+++ b/CHANGES
@@ -9,7 +9,12 @@

 Changes between 1.1.1 and 1.1.2 [xx XXX xxxx]

-  *)
+  *) AES-XTS mode now enforces that its two keys are different to mitigate
+     the attacked described in "Efficient Instantiations of Tweakable
+     Blockciphers and Refinements to Modes OCB and PMAC" by Phillip Rogaway.
+     Details of this attack can be obtained from:
+     http://web.cs.ucdavis.edu/%7Erogaway/papers/offsets.pdf
+     [Paul Dale]

 Changes between 1.1.0i and 1.1.1 [11 Sep 2018]

@@ -24,13 +29,6 @@
  *) Add SM2 base algorithm support.
     [Jack Lloyd]

-  *) AES-XTS mode now enforces that its two keys are different to mitigate
-     the attacked described in "Efficient Instantiations of Tweakable
-     Blockciphers and Refinements to Modes OCB and PMAC" by Phillip Rogaway.
-     Details of this attack can be obtained from:
-     http://web.cs.ucdavis.edu/%7Erogaway/papers/offsets.pdf
-     [Paul Dale]
-
  *) s390x assembly pack: add (improved) hardware-support for the following
     cryptographic primitives: sha3, shake, aes-gcm, aes-ccm, aes-ctr, aes-ofb,
     aes-cfb/cfb8, aes-ecb.