OpenSSL Blog

OpenSSL 3.1 Final Release

Posted by Matt Caswell ,

We are pleased to announce that the forthcoming OpenSSL 3.1 release is to be made available on 14th March 2023.

OpenSSL 3.1 is mostly a small increment over the functionality available in OpenSSL 3.0. The main changes are:

  • A FIPS 140-3 compliant FIPS Provider.

    The FIPS provider has been upgraded to be FIPS 140-3 compliant. We are working with our FIPS lab to submit our FIPS 140-3 validation to CMVP based on the 3.1.0 release. It is likely to be quite some time before any validation certificate is issued due to the CMVP waiting times for this. Note that it is possible to upgrade to 3.1 to gain the performance improvements below, and still use the 3.0 FIPS provider.

    There are a number of changes to the FIPS provider that have been required in order to achieve this compliance. The most significant ones are:

    • Some algorithms are included in the provider but are no longer approved for use. These include Triple DES ECB, Triple DES CBC and EdDSA. For backwards compatibility reasons they remain in the FIPS provider but are marked with the fips=no property query. This means that all applications requiring FIPS compliance should explicitly specify fips=yes even if they only have the FIPS provider loaded (typically either via config or by using the EVP_default_properties_enable_fips() function)
    • The self tests are now run every time the module is loaded - rather than when the module is installed. Due to a streamlining in the self test process by NIST, these tests run considerably faster than they do in the 3.0 FIPS provider.

  • Numerous performance improvements

    There have been numerous performance improvements implemented compared to the OpenSSL 3.0 release.

    Particular highlights include:

    • Refactoring of the OSSL_LIB_CTX code to avoid excessive locking
    • Performance improvements in the encoder and decoder frameworks
    • Performance fixes to internal data structures and caching (e.g. hash structures, IV caching)
    • Improved FIPS RSA keygen performance
    • Various assembler optimisations to a number of different algorithms (e.g. AES-GCM, ChaCha20, SM3, SM4, SM4-GCM) across multiple processor architectures

Please download OpenSSL 3.1 from our usual location when it becomes available on 14th March 2023.