Version 3.6.4 2026-05-16

F1xGOD released this 16 May 21:54 · 29 commits to main since this release

[v3.6.4] - 2026-05-16

Compare: v3.6.3...v3.6.4

See CHANGELOG.md for the full Added / Changed / Fixed / Notes breakdown and RELEASE-NOTES-3.6.4.md for the long-form write-up with the security-normalized perf comparison vs 3.6.3.

Headlines

  • Cross-language KDF hardening. PBKDF2 200K → 600K (3×); Argon2id default 3 / 2¹⁵ → 4 / 2¹⁶ (2.67×); short/heavy tiers bumped proportionally. 2–3× more attacker cost per password guess. Per-blob backwards compatible — 3.6.3 blobs decrypt at their original cost.
  • Zero-copy AES-GCM via JNI. New nativeAesGcm{Encrypt,Decrypt}OneShot entry points pin heap byte[] with GetPrimitiveArrayCritical. About +10–11 % on 16 MiB fwxAES encrypt. Crypto.aesGcm{Encrypt,Decrypt}WithIvInto now actually routes through the native backend when one is active (this was a latent bug — useJNI=true previously matched or trailed useJNI=false).
  • Java + Python KDF defaults aligned with C++. All three runtimes now pay the same security cost — the headline "fwxAES looks slower than 3.6.3" comparison previously came from C++ being hardened while Java/Python silently kept the weaker 3.6.3 cost.
  • Python EXDEV fix (os.replace cross-device-link) in b512/pb512 streaming and jmg paths when $TMPDIR is on a different filesystem from the output.
  • Python jmg master-key fallback. When master_pq.sk is missing (typical non-custodian deployments), decrypt_media / _recover_mask_key_from_blob now falls back to the user_blob / password path instead of raising FileNotFoundError.
  • Documentation. SECURITY.md sections on the default password-only crypto stance (already PQ-resistant) vs the opt-in ML-KEM-768 master-key wrap; SECURITY.md "roll-forward" clarification (releases are frozen, maintenance ships as a new release); RELEASE-NOTES-3.6.4.md long-form notes.

Fair perf vs 3.6.3 (rescaled to constant security strength)

| runtime | 3.6.3 (rescaled) | 3.6.4 (now) | delta |
|---|---|---|---|
| C++ | 35.08 s | 15.54 s | −55.7 % faster |
| Java | 60.61 s | 24.14 s | −60.2 % faster |
| Python | 81.06 s | 34.39 s | −57.6 % faster |

KDF-heavy paths (fwxAES, b512/pb512, *file, kFMe/kFAe, an7/dean7) all show −60 % to −80 % at constant security. Non-KDF micros flat within ±2 %.

Compatibility

  • Forward: 3.6.4 reads every 3.6.x blob.
  • Backward: 3.6.3 reads 3.6.4 blobs (PBKDF2 iters + Argon2 params stored inline).
  • PQ: ML-KEM-768 opt-in via useMaster=true / --with-master. Default password-only mode is already PQ-resistant via AES-256 (Grover ≈ 128-bit equivalent) + hardened Argon2id/PBKDF2.
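
A sketch of how inline KDF parameters give the per-blob compatibility described under Headlines and Compatibility; this is an added example, not basefwx code. The header layout, the policy bounds, the SHA-256 PRF and the use of an HMAC tag in place of AES-GCM (to stay inside the standard library) are all assumptions.

```python
import hashlib
import hmac
import os
import struct

# Hypothetical layout, NOT basefwx's real format:
#   magic(4) | PBKDF2 iterations (uint32 BE) | salt(16) | tag(32) | payload
MAGIC = b"DEMO"
HEADER = struct.Struct(">4sI16s")
TAG_LEN = 32
DEFAULT_ITERS = 600_000   # 3.6.4 default per the release notes
LEGACY_ITERS = 200_000    # 3.6.3 default per the release notes
# Assumed policy bounds: the header is read before authentication, so cap the
# work an untrusted blob can demand and refuse trivially weak counts.
MIN_ITERS, MAX_ITERS = 100_000, 5_000_000


def derive_key(password: bytes, salt: bytes, iters: int) -> bytes:
    # PBKDF2-HMAC-SHA256 is an assumption; the page does not name the PRF.
    return hashlib.pbkdf2_hmac("sha256", password, salt, iters, dklen=32)


def seal(password: bytes, payload: bytes, iters: int = DEFAULT_ITERS) -> bytes:
    """Write a blob whose header records the cost it was created with."""
    header = HEADER.pack(MAGIC, iters, os.urandom(16))
    key = derive_key(password, header[8:], iters)
    # The MAC covers the header, so an edited iteration count fails to verify.
    tag = hmac.new(key, header + payload, hashlib.sha256).digest()
    return header + tag + payload


def open_blob(password: bytes, blob: bytes) -> bytes:
    """Verify a blob at the cost stored in its own header."""
    if len(blob) < HEADER.size + TAG_LEN:
        raise ValueError("truncated blob")
    magic, iters, salt = HEADER.unpack_from(blob)
    if magic != MAGIC:
        raise ValueError("unknown format")
    if not MIN_ITERS <= iters <= MAX_ITERS:
        raise ValueError(f"iteration count {iters} outside policy")
    header, rest = blob[:HEADER.size], blob[HEADER.size:]
    tag, payload = rest[:TAG_LEN], rest[TAG_LEN:]
    key = derive_key(password, salt, iters)
    expected = hmac.new(key, header + payload, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("wrong password or modified blob")
    return payload
```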

Verifying

Every artifact ships with .sha256 / .md5 / optional .sig. Aggregate SHA256SUMS.txt, MD5SUMS.txt, release-manifest.json are attached. Release pipeline self-tests every binary with --version before publishing.

sha256sum -c basefwx-linux-amd64.sha256
gpg --verify basefwx-linux-amd64.sig basefwx-linux-amd64