Botan 3.0.0 Cryptographic Library Released

On Wednesday, Botan 3.0.0 cryptographic library was released to the public. The library provides a vast selection of ready-made primitives used in various security applications, such as the TLS protocol, X.509 certificates, AEAD chiffrays, TPM, PKCS#11, password hash, and post-quantum cryptography signatures (Hash signatures and coordination of mceliece-based keys). Botan 3.0.0 is written in C++ and is supplied under the license, BSD. It is also used in the NEOPG project and GNUPG 2.

A few changes were made to the new issue of Botan 3.0.0. Firstly, the use of the C++20 standard is now allowed in the codebase. Alternatively, C++11 was previously used, and the requirements for compilers have been upped. Now, the assembly requires a minimum of GCC 11, Clang 14, or MSVC 2022. Compensers supporting HP and PathScale have been stopped, as well as Google NaCl and Includeos.

Secondly, many changes have been made that violate reverse compatibility. Several header files that are specific to certain algorithms (AES.H, etc.) have been removed. The implementation functions and algorithms previously declared obsolete (Cast-256, Misty1, Kasumi, Desx, XTEA, PBKDF1, MCeies, CBC-Mac, Tiger, Newhope, Cecpq1) have also been deleted.

Thirdly, support for the TLS 1.3 protocol has been added, and TLS 1.0, TLS 1.1, and DTLS 1.0 support has been stopped. The implementation of certain ciphers such as DSA, SRP, SEED, AES-128 OCB, CECPQ1, DHE_PSK, and Camellia CBC, anonymous ciphers, and Hashi Sha-1 have also been deleted.

Moreover, Botan 3.0.0 now supports the Kyber post-quantum cryptography algorithm, which is resistant to selection on a quantum computer. It also has support for the post-quantum cryptography algorithm Dilithium, which is used for working with digital signatures. The point-to-point on the elliptic curve has also been added with the SSWU technique.

Additionally, Botan 3.0.0 has added support for the cryptographic hash function Blake2b. It has a new software interface T::New_object, which returns unique_ptr instead of a bare pointer “T*”. A large set of new functions has also been added for use in the Code in SI (C89).

Finally,

/Reports, release notes, official announcements.