Libgcrypt, the backbone of cryptographic operations for many Linux distros and apps, has launched its 1.11.0 version. This new stable branch maintains full API and ABI compatibility with its predecessor, the 1.10 series.
As a general-purpose library based on the code from GnuPG, Libgcrypt provides a broad array of cryptographic building blocks while not directly implementing any specific protocol like OpenPGP.
Key Features in Libgcrypt 1.11.0
The new version introduces several functionalities aimed at modernizing its capabilities:
- New Interfaces and Algorithms: The release integrates the Classic McEliece algorithm and several new Key Derivation Functions, such as HKDF and X963KDF. In addition, Libgcrypt 1.11.0 adds support for quantum-resistant algorithms, such as KEM, Streamlined NTRU Prime sntrup761, and Kyber, which are aligned with the latest FIPS standards.
- New API Functions: Notable additions include Key Encapsulation Mechanism (KEM) APIs and various new hash and MAC algorithms, enhancing flexibility and security for application developers.
- Performance Optimizations: Significant improvements have been made to widely used common CPU architecture algorithms. This includes enhanced support for ARMv8/AArch64/CE, ARMv9, and PowerPC platforms, which means that applications using Libgcrypt can perform faster cryptographic operations on these CPUs.
Moreover, Libgcrypt 1.11.0 has patched several bugs and enhanced its internal operations to ensure that cryptographic processes are more secure and resilient against attacks.
Additionally, the update ensures backward compatibility, allowing developers to upgrade without overhauling existing applications that rely on earlier versions of the library.
Check out theย announcement for more information about all novelties. Developers eager to integrate or update Libgcrypt 1.11.0 can access the source code via the GnuPG server or its mirrors.
