Halite v5.0.0 Release NotesRelease Date: 2022-01-19 // over 1 year ago
- Increased minimum PHP version to 8.0.
- 🔒 Security: Asymmetric encryption now uses HKDF-BLAKE2b to extract a 256-bit uniformly random bit string for the
encryption key, rather than using the raw X25519 output directly as an encryption key. This is important because
Elliptic Curve Diffie-Hellman results in a random group element, but that isn't necessarily a uniformly random bit
- Because Halite v4 and earlier did not perform this step, it's superficially susceptible to Cheon's attack. This reduces the effective security from 125 bits (Pollard's rho) to 123 bits, but neither is a practical concern today.
- 🔒 Security: Halite v5 uses the PAE strategy from PASETO to prevent canonicalization attacks.
- 🔒 Security: Halite v5 appends the random salt to HKDF's
infoparameter instead of the
saltparameter. This allows us to meet the KDF Security Definition (which is stronger than a mere Pseudo-Random Function).
- Encryption now uses XChaCha20 instead of XSalsa20.
- 👍 The
Fileclass no longer supports the
resourcetype. To migrate code, wrap your
resourcearguments in a
- ➕ Added