The developers of the OpenBSD project announced the release of LibreSSL 4.3.0, a portable edition of the package aimed at providing enhanced security features. LibreSSL is a fork of OpenSSL that focuses on improving the quality of support for SSL/TLS protocols by removing unnecessary functionality, adding security features, and refining the code base. This release is considered experimental and will include features for OpenBSD 7.9.
Following the initial release, LibreSSL 4.3.1 was issued to address an assembly problem.
The main innovations in LibreSSL 4.3 include:
- Implementation of the hybrid key exchange algorithm “mlkem768x25519” for TLS, resistant to quantum computer attacks.
- Performance testing of the cryptographic algorithm ML-KEM using the “openssl speed” command.
- Support for the opportunistic TLS mechanism with the ManageSieve protocol (RFC 5804).
- Addition of support for the RSASSA-PSS digital signature generation algorithm in libssl.
- Various internal changes and fixes to enhance compatibility with OpenSSL.
/Reports, release notes, official announcements.