After three years of development, the GNU Project has released the release of the library Libgcrypt 1.9.0 , which implements the components behind the encryption mechanisms used by GnuPG. The library provides functions for use in third-party applications of various cryptoalgorithms, including symmetric ciphers (AES, Arcfour, Blowfish, Camellia, CAST5, ChaCha20, DES, GOST28147, Salsa20, SEED, Serpent, Twofish), hashing algorithms (MD5, RIPE-MD160, SHA – *, SHAKE256, TIGER-192, Whirlpool),
authenticated encryption algorithms (HMAC- *, CMAC- *, GMAC- *, Poly1305- *), encryption using public keys (RSA, Elgamal, DSA, ECDSA, EdDSA, ECDH). The new branch is fully API and ABI compatible with the 1.8.x branch (no need to rebuild programs to use the new version).
Key improvements:
- Added support for new Ed448, X448 and SM2 elliptic curves.
- Added block cipher mode EAX (encrypt-then-authenticate-then-translate).
- Added block cipher SM4 (Chinese standard GB / T 32907-2016).
- Added hash function SM3 (Chinese standard GB / T 32905-2016).
- Added new variants of SHA512 / 224 and SHA512 / 256 hashing algorithms.
- Added new MAC algorithm for Blake-2, new variants SHA512, SM3, SM4 and GOST.
- New functions gcry_mpi_get_ui, gcry_ecc_mul_point and gcry_ecc_get_algo_keylen have been proposed.
- The GCRYCTL_AUTO_EXPAND_SECMEM flag has been added to allow increasing the size of protected memory areas.
- Introduced performance optimizations for Aarch64 processors.
- Poly1305 and ChaCha implementations have been accelerated.
- AES and SHA-256 implementations have been accelerated for PowerPC processors.
- Expanded the use of AES-NI instructions for accelerating AES-XTS (in tests, the speed increased 6 times) and OCB.
- AES-XTS performance on ARMv8 / CE systems improved by approximately 2.5X.
- A new implementation of the Blake-2 algorithm has been added, using the AVX and AVX2 instructions (works 1.3 times and 1.4 times faster).
- SHA-1 and SHA-256 use Intel SHA extensions to achieve 4.0x and 3.7x speedups.
- A new GCM implementation has been added using ARMv7 / NEON instructions and is three times faster.
- 4.5x faster SHA-512 on AMD Ryzen 7 systems using SSSE3 instructions.
- 7x faster CRC calculation on 64-bit ARMv8 / CE using PMULL instruction.
- 40-70% faster implementation of CAST5 and 60-80% faster implementation of Blowfish.