diff --git a/CHANGES b/CHANGES index 4dc065923c4abdaf1101e17e03349a78c8f12a27..8b4a8bbe104e799fdecdd14d74b0811d0d22302a 100644 --- a/CHANGES +++ b/CHANGES @@ -8,6 +8,13 @@ release branch. Changes between 1.1.0h and 1.1.1 [xx XXX xxxx] + *) Make ec_group_do_inverse_ord() more robust and available to other + EC cryptosystems, so that irrespective of BN_FLG_CONSTTIME, SCA + mitigations are applied to the fallback BN_mod_inverse(). + When using this function rather than BN_mod_inverse() directly, new + EC cryptosystem implementations are then safer-by-default. + [Billy Bob Brumley] + *) Add coordinate blinding for EC_POINT and implement projective coordinate blinding for generic prime curves as a countermeasure to chosen point SCA attacks.
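Review bot: the new entry under "Changes between 1.1.0h and 1.1.1" says "SCA mitigations are applied to the fallback BN_mod_inverse()" without naming the mitigation or saying when the fallback path is taken, so a reader of CHANGES cannot tell what protection they actually get. The entry directly below it is more specific ("projective coordinate blinding ... as a countermeasure to chosen point SCA attacks"); consider matching that level of detail here. "More robust" is similarly vague and would be clearer if it stated what behaviour changed. It would also help to say whether ec_group_do_inverse_ord() is callable by applications or only from inside the library, since "new EC cryptosystem implementations" can be read either way. Finally, the phrase "irrespective of BN_FLG_CONSTTIME" would benefit from one clause stating which operand the flag would otherwise have had to be set on.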