<?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE html 
     PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
     "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> 
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
    <link rel="stylesheet" title="Default"
      type="text/css" href="todo.css" media="all"/>
    <meta http-equiv="Content-Type"
      content="text/html; charset=utf-8"/>
<title>TODO for coming releases</title>
</head>
<body>
  <h1> Nettle release plans </h1>
  <p> This is an attempt at defining a development target for
    Nettle-3.1, inspired by similar pages for recent GMP releases.
    [Last updated 2015-03-19]</p>
  <p class='should'>
    This really ought to be done before release
  </p>
  <p class='wish'>
    Try to get this done before release
  </p>
  <p class='done'>
    Done!
  </p>
  <p class='postponed'>
    Leave for some later release!
  </p>

  <h1> Plans for nettle-3.1 </h1>

  <h2> Interface changes </h2>
  <p class='done'>
    Review public functions in ecc.h, move some to ecc-internal.h, to
    enable sane support for other types of curves.
  </p>
  
  <h2> New features </h2>
  <p class='done'>
    Add support for curve25519.<span class='should'> What about the
    "x25519" name?</span>
  </p>
  <p class='done'>
    Update chacha-poly1305 to
    the <a href='https://tools.ietf.org/html/draft-irtf-cfrg-chacha20-poly1305-08'>current
    draft</a>.
  </p>
  <p class='done'>
    Add support for Ed25519 signatures.
  </p>
  <p class='done'>
    Interface tweaks. EdDSA, Curve25519, base64.
  </p>
  <p class='wish'>
    Add larger "safe" curves, e.g., M-383, curve41417 and E-521.
  </p>
  <p class='wish'>
    Add functions for converting ECC points to and from ANSI X9.62.
  </p>
  <p class='wish'>
    Use side-channel silent GMP functions for RSA and DSA. May require
    additional interface changes, to use mpn functions.
  </p>
  <p class='done'>
    Make it possible to build nettle and hogweed using mini-gmp.
  </p>
  <p class='postponed'>
    Side-channel silent mem_equalp.
  </p>

  <h2> Optimizations </h2>
  <p class='done'>
    Support for using AES acceleration.
  </p>

  <p class='postponed'>
    Assembly optimizations for ARMv8 (64-bit).
  </p>
  <p class='wish'>
    Further optimizations of curve25519 and EdDSA, in particular,
    radix 51 modp operations,
    and <a href='http://www.hyperelliptic.org/EFD/g1p/auto-twisted-extended-1.html#addition-add-2008-hwcd-3'>more
    efficient</a> point addition.
  </p>
  
  <h2> Miscellaneous </h2>
  <p class='should'>
    Use more functions from GMP-6 and later, when available:
    mpn_sec_add_1, mpn_sec_tabselect, mpn_sec_invert, mpn_cnd_swap,
    ...
  </p>

  <h2> Documentation </h2>
  <p class='done'>
    Document curve25519.
  </p>
  <p class='done'>
    Document EdDSA.
  </p>
  
  <h2> Build system </h2>
  <p class='done'>
    Support for fat binaries on ARM and x86_64, selecting code at
    runtime depending on cpu capabilities.
  </p>
  <p class='done'>
    Fix the handling of optional C source files with make dist.
  </p>
  <p class='done'>
    Stop using the nonstandard <tt>.po</tt> extension.
  </p>
  <p class='done'>
    Reconsider assembly make rules, going back to an .asm.o: rule
    might work better with Solaris' make.
  </p>
  <p class='should'>
    Update AX_CREATE_STDINT_H to the latest version.
  </p>
  
  <h2> Testing </h2>
  <p> Since xenofarm isn't up and running, do some manual testing:
  </p>
  <ul>
    <li class='should'> x86_64-linux-gnu</li>
    <li class='should'> x86-linux-gnu</li>
    <li class='should'> x86_64-freebsd</li>
    <li class='should'> x86-w*ndows (using cross compiler and wine)</li>
    <li class='should'> x86_64-w*ndows (using cross compiler and wine)</li>
    <li class='should'> x86-darwin (needs help from Nettle users)</li>
    <li class='should'> x86_64-darwin (needs help from Nettle users)</li>
    <li class='should'> armv7-linux-gnu (pandaboard test platform)</li>
    <li class='wish'> armv7-android </li>
    <li class='should'> sparc32-solaris10</li>
    <li class='should'> sparc64-solaris10</li>
  </ul>

  <h1> Changes under consideration for later releases </h1>

  <p> These are some other changes under consideration. </p>

  <h2> Interface changes </h2>
  <p class='should'>
    For Merkle-Damgaard hash functions, separate the state and the
    buffering. E.g., when using them for HMAC keyed "inner" and
    "outer" states, we now get three buffers but we only need one.
  </p>
  <p class='should'>
    Reorganize private key operations. Need to support RSA with and
    without blinding, and DSA according to spec and some deterministic
    variant (like PuTTY
    or <a href='http://tools.ietf.org/html/rfc6979'>RFC6979</a>), and
    possibly also smartcard versions where the private key is not
    available to the library. And without an explosion of the number
    of functions.
  </p>
</body>
</html>