Releases: stef/libsphinx
same as v1.1.0
Security Fix
Attention! This release is backward incompatible with, it changes the function sphinx_finish() by adding one additional parameter.
This release contains one security fix for the following active attack where the attacker is able to inject answers between the sphinx client and server and is additionally able to sniff the password used for authentication:
client blinds password: H(p)^r - and sends it to the oracle
attacker races the answer from the oracle and simply reflects back alpha to the client
client unblinds and hashes the response: rwd = H(p,H(p)^(r*1/r))
attacker sniffs rwd
attacker can offline bruteforce the password
in this fix we enforce that the client checks in sphinx_finish() that the request send is not equal to the response. This way the attacker is forced to also include a scalar multiplication in their bruteforce attack, making it computationally more expensive.
However note that an attacker returning alpha*2 or some other small multiplier will still be able to mount a significantly cheaper bruteforce attack against the master password. This is unavoidable and well-known issue and outside of the scope of SPHINX.
maintenance release for debian packaging
this release contains no changes, except for moving /debian into a seperate branch for debian packaging.
minor release including debianization
this release includes hopefully everything to have it packaged under debian.
stable v1.0 release
stable release.
Undecaffed release
Undecaffed sphinx, now solely based on sodium. also moved opaque into its own repo.
prefixed public functions, makefile improvements
This release contains an install target to the makefile, an updated goldilocks dependency and all public functions bearing prefixes.
beta release before v1.0
This release should provide full and stable Sphinx and experimental Opaque functionality. The Opaque API might undergo some simplification before v1.0. But currently there are no other issues or outstanding features planned before a v1.0