2. Changelog
Any important changes to the project specification or wiki content will be documented here.
2.1. Version 2023.1 (12 April 2023)
Updated sharing requirements to limit only the owner to sharing operations
2.2. Version 2023.0 (6 April 2023)
Initial release for spring 2023
2.2.1. Fixed
Fixed a typo in the specification for
crypto.PasswordKDFwhich said that thepasswordargument was of typebytes, but thepasswordargument is really of typestr.
2.3. Version 2021.3 (April 6)
2.3.1. Fixed
Fixed a typo in the specification for
crypto.PasswordKDFwhich said that thepasswordargument was of typebytes, but thepasswordargument is really of typestr.
2.3.2. Changed
In the specification for
crypto.HMACEqual, changed the text in the Note to read “…vulnerable to timing attacks that allow the adversary to forge valid HMACs even without knowledge of the private key”. The Note previously read “…vulnerable to timing attacks that allow the adversary to extract the underlying HMAC key”, which is slightly inaccurate—attacks that extract the key are mainly related to the length extension attacks discussed in the Warning ofcrypto.Hash.
2.4. Version 2021.2 (March 28)
2.4.1. Added
In Sharing Methods, the following text was added: “Additionally, calls to
revoke_fileby the root user whereold_recipientisn’t a direct descendant of the root user in the sharing tree result in undefined behavior and will not be tested for any particular behavior.”In Sharing Methods, the following text was added: “While the behavior of the client is unspecified for the aforementioned “undefined” cases (and thus your client may handle such cases in any way it wants), you must make sure to preserve Confidentiality and Integrity even in undefined behavior cases, as the adversary may attempt such actions (or create their own malicious client that attempts similar actions).”
2.4.2. Removed
In the specification for
revoke_file, the following error case was removed: “If the calling user is not the root user in the sharing tree defined over the file namedfilename.”, as Sharing Methods states that this case results in undefined behavior.In the specification for
revoke_file, the following error case was removed: “Ifold_recipientis not a direct child of the calling user onfilename’s sharing tree.”, as Sharing Methods states that this case results in undefined behavior.
2.5. Version 2021.1 (March 22)
2.5.1. Changed
The list of adversary capabilities in Threat Model has been changed to a numbered list to make it easier to refer to.
Capability 3 of Threat Model has been updated. Specifically, the text “…and tamper with…” has been removed, and the text “(The adversary cannot tamper with or inject network traffic.)” has been added.
2.5.2. Added
Instructions on obtaining the Stencil Code were added to the wiki.
Code usage examples (in particular, a serialization example specific to public-private keys) were added to Section 6.2.1 and Section 6.2.2 of Serialization API.
Section 5.1.3 and Section 5.2.3 (in Asymmetric Encryption and Digital Signatures) were added to document the
from_bytesclass methods onAsymmetricEncryptKey,AsymmetricDecryptKey,SignatureVerifyKey, andSignatureSignKey, which are used to serialize the Python representation of those keys tobytesformat. This allows the keys to be stored on the Dataserver.A Warning was added to the documentation for the Memloc API.
The output length of the functions in Hash Functions and HMACs was added to the API documentation.
2.5.3. Fixed
Fixed minor typos that didn’t change the semantics of the project.
2.6. Version 2021.0 (March 19)
Initial project release.