Gnuk version 0.20

NIIBE Yutaka gniibe at fsij.org
Tue Jun 19 03:29:27 CEST 2012 

Hi,

Gnuk version 0.20 is released.

Gnuk is software implementation of a USB token for GNU Privacy Guard.
Gnuk supports OpenPGP card protocol version 2, and it runs on
STM32F103 processor.

I intend this release as a kind of "release candidate" to version 1.0.
No new features will be added for version 1.0.  Perhaps, some tool
will be added though.

In this release, key generation feature is added.


Highlights are (in gnuk-0.20/NEWS):

* Key generation feature added

  Finally, key generation is supported.  Note that it may be very
  slow.  It may take a few minutes (or more) to generate two or three
  keys, when you are unlucky.


* DnD pinentry support is deprecated

  Once, DnD pinentry was considered a great feature, but it found that
  it is difficult to remember moves of folders.


* gnuk_upgrade.py assumes using another token for authentication

  Use of another token for authentication is assumed now.  This is
  incompatible change.  Note that when you upgrade a token of version
  0.19 to 0.20 (or later), you need gnuk_upgrade.py of version 0.19.


* KDF (Key Derivation Function) is now SHA-256

  Keystring is now computed by SHA-256 (it was SHA1 before).


* Protection improvements (even when internal data is disclosed)

  Three improvements.  (1) Even if PW1 and Reset-code is same, content
  of encrypted DEK is different now.  (2) DEK is now encrypted and
  decrypted by keystring in ECB mode (it was just a kind of xor by
  single block CFB mode).  (3) Key data plus checksum are encrypted in
  CFB mode with initial vector (it will be able to switch OCB mode
  easily).


* LED display output change

  LED display output by Gnuk is now more reactive.  It shows status
  code when it gets GET_STATUS message of CCID.  When you communicate
  Gnuk by internal CCID driver of GnuPG (instead of PC/SC), and enable
  'debug-disable-ticker' option in .gnupg/scdaemon.conf, it is more
  silent now.
-- 


-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 490 bytes
Desc: This is a digitally signed message part
URL: </pipermail/attachments/20120619/36de1635/attachment.pgp>

More information about the Gnupg-devel mailing list