Added

* The member implementation now provides an internal interface that
  gives guidance on partitioning member operations between highly
  sensitive ones that use f value of the private key, and less
  sensitive operations that can be performed in a host environment.

* New member API `EpidAssemblePrivKey` was added to help assemble and
  validate the new member private key that is created when a member
  either joins a group (using the join protocol) or switches to a new
  group (as the result of a performance rekey).

Changed

* Updated Intel(R) IPP Cryptography library to version 2017 (Update 2).

* The mechanism to set the signature based revocation list (SigRL)
  used for signing was changed. `EpidMemberSetSigRl` must be used to
  set the SigRL. The SigRL is no longer a parameter to `EpidSign`.
  This better models typical use case where a device stores a
  revocation list and updates it independently of signing operations.

Removed

* Removed `EpidWritePreSigs` API. Serialization of pre-computed
  signatures is a risky capability to provide, and simply expanding
  the internal pool via `EpidAddPreSigs` still provides most of the
  optimization benefits.

* The `EpidIsPrivKeyInGroup` API is no longer exposed to clients. It
  is no longer needed because the new member API `EpidAssemblePrivKey`
  performs this check.

Fixed

* When building with commercial version of the Intel(R) IPP
  Cryptography library, optimized functions are now properly invoked,
  making signing and verification operations ~2 times faster

* SHA-512/256 hash algorithm is now supported.

* README for compressed data now correctly documents the number of
  entries in revocation lists.

* The `verifysig` sample now reports a more clear error message for
  mismatched SigRLs.

* The default scons build will now build for a 32-bit target on a
  32-bit platform.

Known Issues

* Scons build will not work natively on ARM. You can still build using
  `make` or cross compile.