Skip to main content

· One min read

Version 4.0

note

Since this is a major version, the license key for your build will have changed

  • Jailbreak Add-on removed - both Android and iOS operating systems have made our previous detection techniques obsolete. iOS cannot be jailbroken anymore for several releases now. Android that is jailbroken with “Magisk” tools cannot be detected, therefore it rendered our jailbreak useless.

  • New Add-on: Elliptic Curve Diffie-Hellman (ECDH)

  • New Add-on: CRYSTALS-Kyber

  • New Kyber Hash Algorithms: SHA3_STD and SHA2_90S

  • New Random Number utility to seed the ECDH and Kyber add-ons

  • Added the 'Paired Licenses' capability, which means that only paired-licensed MTE Builds will be able to communicate with one another.

  • MKE now supports compatibility between non-chunked and chunked

  • MKE no longer supports "ECB" and "CBC" cipher algorithms

  • Fixed C struct macros that started to fail on certain C++ compilers under certain build configurations.

· One min read

Version 3.1

note

The license key has NOT changed

  • Added build support for the nRF52833 microcontroller, including AES hardware acceleration.
  • Demo improvements.
  • Language interface improvements.
  • Documentation improvements.
  • Removed unnecessary interfaces in WASM language interface when add-ons are not used.

· One min read

Version 3.0.0

  • Refactored C API for efficiency and size.
  • Internal improvements to reduce library size and improve performance.
  • Added thin wrapper API for language interfaces that cannot use the new C API.
  • Removed C "supplemental" API.
  • Updates to language interfaces to handle minimum-size release build changes and edge cases.
  • Renamed Vault to Secure Data Replacement (SDR).
  • Added build support for the 24FJ128GA204 microcontroller.
  • Added build support for the ATMEGA2560 microcontroller.
  • Added build support for the AVR128DA48 microcontroller.
  • Added demos for WASM/JS SDR.
  • Set minimum iOS/macOS target to avoid linker warnings.
  • Set minimum Android target.
  • Simplified WASM/JS APIs to use fewer stringified numbers where possible.
just so you know

MTE 3.x encoded messages are completely compatible with 2.x, so any combination of 2.x and 3.x encoder and decoder will work fine, easing the transition.

licensing

Licensed versions of the library will require new license codes for 3.x, as license codes are tied to the major version.

· One min read

Version 2.2.0

  • Add WASM/JS MTE Vault implementation
  • Support Java Exception serialization
  • Pin all internal buffers in C# language interfaces to work around a bug in at least some C# compiler/runtime combinations that move buffer location without copying contents
  • Update MKE C# interface to support strings more efficiently
  • Redesign the WASM/JS SDK to create a single package that supports CommonJS modules, ECMAScript modules, and Typescript
  • Fix an issue with WASM/JS where the saved state array would become invalid if the encoder/decoder was deleted
  • Clarify Swift exception throwing in MTE Vault

· One min read

Version 2.1.2

  • Zero the async saved state when not using async to allow the state to be used with async.
  • Added build support for the 32MM0064GPL036 microcontroller.
  • Added build support for the Apple M1.
  • Changed Java MteVault exception handling to use a custom exception class that is checked so it cannot be accidentally ignored.
  • Fixed issue with iOS SHA-512 ARM64 PAA detection.

· One min read

Version 2.1.1

  • Fixed issue with missing enum strings for cipher and hash in Trial mode.
  • Minor comment cleanup.
  • Minor updates to Java language interface to address Android Studio warnings.

· One min read

Version 2.1.0

  • Fixed alignment issue in increment DRBG.
  • ESP32 hardware acceleration is now optional in case the hardware is used by other tasks.
  • Changed C# namespace to Eclypses.MTE for the main language interface and Eclypses.MTE.Interop for the internal interop classes.
  • Added C# interfaces to define the classes' interfaces.
  • Added MTE Vault in Swift and Java.

· One min read

Version 2.0.1

  • Language interface improvements.
  • Fixed issue with C# constructor exceptions.
  • Fixed C# warnings.
  • Fixed issue with MKE chunk encryption and unaligned buffers.
  • Fixed issues with Go's handling of zero-length buffers.
  • Fixed Go MKE decrypt chunking issue.
  • Changed naming of Go cgo functions.
  • Fixed issue with Python initializer exceptions.
  • Fixed issue with WASM Jailbreak nonce mutator.

· 3 min read

Version 2.0.0

  • The ECL library's implementations of AES, SHA, and DRBGs is now used instead of MTE's original implementation.
  • The ECL library's ESP32 implementation uses the ESP32's hardware cryptographic modules instead of software to the extent possible.
  • The MTE algorithm has changed to add additional security. MTE 2.x outputs are not compatible with MTE 1.x outputs.
  • The developer's guides have been updated extensively.
  • The ARM64 functions and classes have been removed. The ARM64 PAA is now automatically enabled when available.
  • The self-test functions have been removed.
  • A new global init function is now required to be called in all cases. The language interfaces other than C take care of this automatically.
  • The status codes have been rearranged to align with ECL. Some new codes were added as well.
  • Save/restore state functions now return status which should be checked like all other status returns. The status may return an error when certain DRBG implementations are used.
  • The language interfaces no longer claim to zeroize the nonce, since that never happened and was never a requirement.
  • The language interfaces now zeroize the entropy in all cases where the language allows it for consistent security and to avoid confusion about when it happens or doesn't. The languages that do not allow it are commented to warn you about it not being zeroized.
  • The core and fixed-length limited input range feature has been removed. All APIs that took the input byte range have changed to remove those options. All possible inputs are now supported in all cases.
  • The MKE interface has been changed to remove the minToEncrypt option and always do encryption.
  • MKE encrypt and decrypt chunk now return a status which must be checked.
  • The MKE encrypt chunk interface changed to use state like decrypt.
  • The Base64 state restore API has been improved to not overwrite the input.
  • The entropy, nonce, and timestamp callbacks are no longer virtual (or equivalent). There are now callback interfaces to allow you to use a plugin to override any or all of the callbacks instead of deriving from an encoder or decoder class. This allows for more reuse and is easier to use.
  • The jailbreak detection classes have been condensed down to use the new nonce plugin.
  • There are now Node.js command line WASM demos in addition to the browser demos.
  • Language interfaces have added default constructors/initializers/factory methods which should be used in most cases. The default constructors take care of build-time options and will default to reasonable runtime options. Only in cases where you have runtime options you need to control fully should you use the constructors/initializers that take all options.
  • Language interfaces are now versioned to match the MTE version and check for a match against the library to ensure compatibility.
  • The C# language interface has been tweaked to support older .NET versions. The developer's guide lists the supported versions.
  • Added additional documentation files describing how to set up MTE-capable projects in Android Studio and Xcode.

· One min read

Version 1.5.1

  • Updated Java language interfaces to work around different Java versions' handling of ByteBuffer.position().
  • Fixed C# MKE decoder interface chunking issue with certain combinations of options and inputs.
  • Fixed Java MKE decoder interface chunking issue with certain combinations of options and inputs.
  • Fixed Go issue with non-minimum entropy size.
  • Added guidance about C# interop to the developer's guide.
  • Added DLL fallback to working directory on Windows for Python.
  • Enhanced C# interop to look in the working directory if the dynamic library cannot be found.