v2.2.0

Clatter v2.2.0

PSK validity security fixes and stabilization of hybrid handshake types

#18 reported a severe security issue with some PQ *_psk0 handshake pattern variants which offended
the PSK validity rule. This issue is fixed by removing the offending default patterns and by implementing
runtime checks against invalid patterns. This issue is further explained in the related security advisory.

Upon this release the HybridHandshake type is stabilized with some final changes to PQ token ordering.
Motivated by the PSK validity issue some runtime checks were also implemented to guarantee correct PQ
token ordering in handshake messages.

What's Changed

• Expose SymmetricState by @jmlepisto in #16
• Pattern validity rules by @jmlepisto in #19
• Add PR check for no_std compatibility by @jmlepisto in #20

Compatibility

• Clatter v2.2.0 removes the offending default handshake types but is otherwise API compatible with earlier versions
  • Clatter v2.2.0 adds some new error variants in a non-breaking manner
• Clatter v2.2.0 HybridHandshake is not protocol-compatible with earlier versions

Full Changelog: clatter-v2.1.0...clatter-v2.2.0

v2.1.0

Clatter v2.1.0

Experimental True hybrid handshake support

What's Changed

• Hybrid dual layer handshake type by @jmlepisto in #11
• Experimental True hybrid handshakes by @jmlepisto in #12
• Add proper error handling for cipher operations by @jmlepisto in #13
• Test restructuring by @jmlepisto in #14

Full Changelog: clatter-v2.0.0...clatter-v2.1.0

v2.0.0

Clatter v2.0.0

RNG support via getrandom and a simplified handshake type API

What's changed

• Handshakers will now fetch RNG sources automatically using getrandom
• Targets with absolutely no getrandom support (nor the ability to add support manually) can use the lower level handshaker core types
• Dedicated feature flag getrandom controls this behavior independently of feature std
• std feature enabled by default
• Replaced unmaintained PQClean Kyber with PQClean ML-KEM
• MSRV defined (1.81.0)

Compatibility

• Clatter v2.0.0 is not API compatible with earlier versions
• Clatter v2.0.0 is protocol-compatible with Clatter v1.1.0
  • PQClean Kyber (use-pqclean-kyber) no longer available

Full Changelog: clatter-v1.1.0...clatter-v2.0.0

v1.1.0

Clatter v.1.1.0

Adds missing features and includes minor tweaks for better user experience

What's Changed

• Ability to fetch peer keys during handshake via get_remote_static() and get_remote_ephemeral()
• Protocol naming scheme changed to be compatible with Nyquist when the same KEM is used for ephemeral and static operations
• Renamed RustCrypto Kyber wrapper to ML-KEM
• Dedicated Rng marker trait for compatible RNG sources

Compatibility

Post-quantum handshakes are not protocol compatible with v1.0.0 due to the protocol naming changes.
This is an inconvenience, but better make this change sooner than later.

Full Changelog: clatter-v1.0.0...clatter-v1.1.0

v1.0.0

Clatter is now available! 🎉

Introducing the first version of Clatter, a high-quality no_std implementation of Noise protocol framework with Post-Quantum support included!

Highlights

• Pre-made and redundantly verified support for all fundamental Noise handshake patterns
• Support for all cutting-edge Post-Quantum handshake patterns introduced by PQNoise
• 100% no_std compatible
• Support for simple and ultra-secure hybrid encryption schemes as DualLayerHandshake

Happy encrypting!
Please feel encouraged to open discussion or tickets if you notice any issues or wish for a specific feature in the next release.