Powerauth Crypto Versions Save

PowerAuth - Open-source solution for authentication, secure data storage and transport security in mobile banking.

1.5.1

8 months ago

This release contains the following improvements:

  • Versioning of MAC token verification.
  • Dependency updates.

1.5.0

8 months ago

This release contains the following improvements:

  • Introduction of PowerAuth crypto protocol version 3.2.
  • Detection and prevention of replay attacks in standard ECIES encryption and token digests.
  • TOTP calculation for time-based one-time codes.
  • Allow overriding length of decimalized signatures.
  • PowerAuth crypto protocol versions 2.0 and 2.1 are no longer supported.
  • Java version updated to version 17.
  • Documentation updates.
  • Dependency updates.

1.4.0

1 year ago

This release contains following improvements:

  • Validation of PowerAuth protocol versions in HTTP headers.
  • Dependency updates.

1.3.0

1 year ago

This release contains following improvements:

  • Dependency updates.
  • Documentation improvements.

1.2.0

2 years ago

This release contains following improvements:

  • Improved resistance against timing side-channel attacks.
  • Tests migrated to JUnit 5.
  • Dependency updates.

1.1.0

3 years ago

This release contains following improvements:

  • Improved validation of public keys during import.
  • Increased salt size for Argon2 hashes.
  • Various minor improvements of code quality.
  • Dependency updates.

1.0.0

3 years ago

This release contains following improvements:

  • Random generator switched to the Bouncy Castle implementation which provides better quantum attack resistance for generated keys.
  • Improved handling of unknown signature types.
  • Dependency updates.

0.24.0

4 years ago

This release contains following improvements:

  • Crypto provider abstraction has been removed, Bouncy Castle is available as the only provider.
  • OTP_USED activation state renamed to PENDING_COMMIT.
  • Length of generated authorization OTP code can be specified.
  • Documentation updates related to the additional activation OTP feature.
  • Dependency updates.

0.23.0

4 years ago

Changes related to PowerAuth protocol version 3.1:

  • Improved information entropy in PowerAuth online signatures using BASE64 encoding.
  • Improved protection of encrypted status blob against possible replay attacks.
  • Improved protection of payload encrypted by our ECIES scheme.
  • Improved protocol reliability by allowing the mobile client to synchronize its counter with the server.

Additional improvements and bug fixes:

  • Fix for classloader issues with Bouncy Castle library.
  • Improved error logging.
  • Dependency updates related to security advisories.

0.22.0

4 years ago

This release contains following improvements:

  • Cryptography support for activation recovery using recovery code and PUK
  • Hashing of recovery PUKs using the Argon2i algorithm
  • Updated Bouncy Castle dependency to version 1.61
  • Library can be deployed on Java 11