OpenSSL 1.1.1 LTS release, support for TLS v1.3
OpenSSL 1.1.1 has been released. This is a new long-term support (LTS) release, and the development team is committed to providing at least five years of support.
Since the release of 1.1.0, more than 200 individual contributors have submitted nearly 5,000 commits. The most important change in OpenSSL 1.1.1 is the addition of support for TLS v1.3 (RFC8446).
The advantages of TLS v1.3 include:
- Shorter connection times, because fewer round trips are required between the client and server.
- In some cases, the client can begin sending encrypted data to the server immediately, without any round trips (called 0-RTT or “early data”).
- Improved security through the removal of various outdated and insecure cryptographic algorithms and the encryption of more of the connection handshake.
Other highlights of OpenSSL 1.1.1 include:
- A complete rewrite of the OpenSSL random number generator, introducing the following features:
  - The default RAND method now utilizes an AES-CTR DRBG according to NIST standard SP 800-90Ar1.
  - Support for multiple DRBG instances with seed chaining.
  - There is a public and a private DRBG instance.
  - The DRBG instances are fork-safe.
  - All global DRBG instances are kept on the secure heap if it is enabled.
  - The public and private DRBG instances are per-thread for lock-free operation.
- Support for a variety of new cryptographic algorithms, including:
  - SHA3
  - SHA512/224 and SHA512/256
  - EdDSA (including Ed25519 and Ed448)
  - X448 (adding to the existing X25519 support in 1.1.0)
  - Multi-prime RSA
  - SM2
  - SM3
  - SM4
  - SipHash
  - ARIA (including TLS support)
- Side-channel attack security improvements
- Support for the Maximum Fragment Length TLS extension
- A new STORE module that implements a consistent, URI-based reader of stores that can contain keys, certificates, CRLs, and many other objects.
- More…