Boring crypto that simply works

Latest News

Atom feed

2018/08/23 Monocypher 2.0.5 is out. Much faster EdDSA signatures and verification.

2018/06/27 My financial situation is changing, and I can no longer afford to pay for bugs if they ever come up (not that I expect any). The bounty program is therefore suspended. It should be reinstated as my savings grow back to reasonable levels.

2018/06/25 A critical vulnerability in EdDSA signature verification has been found. Update to version 2.0.4 or 1.1.1 as soon as possible.

2018/06/18 Monocypher 2.0.3 is out. Fixes the recently found undefined behaviour.

2018/06/12 André Maroneze found an undefined behaviour in Monocypher 2.0.2, using Frama-C. This should have awarded him 100€ (it's a tier 3 bug), but gracefully declined it on the grounds that he was doing this for work, and thus may not be allowed to receive it. Note: the TIS interpreter could have detected the bug, but I didn't want to wait the 15+ hours required to run the entire test suite. Now I will.

2018/04/23 We now run a bug bounty program for potentially dangerous bugs.

2018/04/23 Monocypher 2.0.2 is out. Mostly a bugfix release.

2018/03/07 Monocypher 2.0.1 is out. No visible change, just a little patch to enhance auditability.

2018/03/06 A semi-formal proof that Monocypher's Poly1305 works was conducted. This applies to an upcoming patch of Monocypher, which will enhance auditability.