Skip to content

SRI-CSL/liboqs

BranchesTags
 
 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

62 Commits

VisualStudio

VisualStudio

 
 

src

src

 
 

.gitignore

.gitignore

 
 

.travis-global-namespace-check.sh

.travis-global-namespace-check.sh

 
 

.travis-style-check.sh

.travis-style-check.sh

 
 

.travis.yml

.travis.yml

 
 

Doxyfile

Doxyfile

 
 

LICENSE.txt

LICENSE.txt

 
 

Makefile

Makefile

 
 

README.md

README.md

 
 

Repository files navigation

Build Status

liboqs

liboqs is a C library for quantum-resistant cryptographic algorithms.

Overview

The Open Quantum Safe (OQS) project has the goal of developing and prototyping quantum-resistant cryptography.

liboqs is an open source C library for quantum-resistant cryptographic algorithms. liboqs initially focuses on key exchange algorithms. liboqs provides a common API suitable for post-quantum key exchange algorithms, and will collect together various implementations. liboqs will also include a test harness and benchmarking routines to compare performance of post-quantum implementations.

OQS will also include integrations into application-level protocols to provide easy prototyping of quantum-resistant cryptography. Our first integration is in OpenSSL:

  • open-quantum-safe/openssl is an integration of liboqs into OpenSSL 1.0.2. The goal of this integration is to provide easy prototyping of quantum-resistant cryptography. The integration should not be considered "production quality". See more about this integration in its GitHub repository open-quantum-safe/openssl/.

More information on OQS can be found on our website: https://openquantumsafe.org/.

Contents

liboqs currently contains:

  • rand_urandom_chacha20: pseudorandom number generator seeded from /dev/urandom and expanded using the ChaCha20 stream cipher
  • kex_rlwe_bcns15: key exchange from the ring learning with errors problem (Bos, Costello, Naehrig, Stebila, IEEE Symposium on Security & Privacy 2015, https://eprint.iacr.org/2014/599)
  • kex_rlwe_newhope: "NewHope": key exchange from the ring learning with errors problem (Alkim, Ducas, Pöppelmann, Schwabe, USENIX Security 2016, https://eprint.iacr.org/2015/1092) (using the reference C implementation of NewHope from https://github.com/tpoeppelmann/newhope)
  • kex_lwe_frodo: key exchange from the learning with errors problem (Bos, Costello, Ducas, Mironov, Naehrig, Nikolaenko, Raghunathan, Stebila, ACM Conference on Computer and Communications Security 2016, http://eprint.iacr.org/2016/659)

Building and Running

Builds have been tested on Mac OS X 10.11.6, macOS 10.12, Ubuntu 16.04.1, and Windows 10.

Linux and macOS

To build, clone or download the source from GitHub, then simply type:

make

This will generate:

  • liboqs.a: A static library with implementations for the algorithms listed in "Contents" above.
  • test_rand: A simple test harness for the random number generator. This will test the distance of PRNG output from uniform using statistical distance.
  • test_kex: A simple test harness for the default key exchange algorithm. This will output key exchange messages; indicate whether the parties agree on the session key or not over a large number of trials; and measure the distance of the sessions keys from uniform using statistical distance.

To run the tests, simply type:

make check

Windows

Windows binaries can be generated using the Visual Studio solution in the VisualStudio folder.

Documentation

Some source files contain inline Doxygen-formatted documentation. The documentation can be generated by running:

doxygen

This will generate the docs/html directory.

Contributing and using

We hope OQS will provide a framework for many post-quantum implementations.

In the immediate term, if you have feedback on our API (kex.h or rand.h), please contact us so we can ensure our API covers a wide range of implementation needs.

If you have or are writing an implementation of a post-quantum key exchange algorithm, we hope you will consider making an implementation that meets our API so that others may use it and would be happy to discuss including it directly in liboqs. Please take a look at our coding conventions.

If you would like to use liboqs in an application-level protocol, please get in touch and we can provide some guidance on options for using liboqs.

We are also interested in assistance from code reviewers.

Please contact Douglas Stebila <stebilad@mcmaster.ca>.

Current status and plans

Our initial launch was on August 11, 2016, containing a single key exchange algorithm (kex_rlwe_bcns15) with a basic test harness.

Since our initial launch, we have made the following updates:

  • Test harness for key exchange algorithms (pr/2)
  • Test harness for random number generator (pr/2)
  • Integration of liboqs into OpenSSL to enable testing of post-quantum algorithms in TLS connections (open-quantum-safe/openssl/)
  • Licensing liboqs under the MIT license (see below)
  • kex_lwe_frodo implementation (https://eprint.iacr.org/2016/659)
  • Building on Windows
  • Use of travis continuous integration system for testing
  • kex_rlwe_newhope wrapper around "NewHope" ring-LWE key exchange (https://eprint.iacr.org/2015/1092)

We plan to be making the following updates over the next month:

  • kex_rlwe_bcns15 generalization to multiple security levels
  • kex_ntru_ees743p1 wrapper around NTRU open source public key encryption (https://github.com/NTRUOpenSourceProject/ntru-crypto)
  • Benchmarking scripts for key exchange algorithms
  • Detailed Doxygen documentation for existing API and public functions
  • Modular build system

Over the next few months, we plan to be making the following updates:

  • Building on more systems, including building of assembly code / optimizations
  • Inclusion of a McEliece-based key exchange method
  • Inclusion of a supersingular isogeny Diffie–Hellman key exchange method
  • Code reviews including static analysis
  • Integration of liboqs into additional application-level protocols.

In the long term, we are also interested in including post-quantum signature schemes.

License

liboqs is licensed under the MIT License; see https://github.com/open-quantum-safe/liboqs/blob/master/LICENSE.txt for details. liboqs includes some third party libraries or modules that are licensed differently; the corresponding subfolder contains the license that applies in that case. In particular:

  • src/kex_rlwe_bcns15: public domain (http://unlicense.org)
  • src/rand_urandom_chacha20/external: public domain
  • src/kex_rlwe_newhope: public domain

Team

The Open Quantum Safe project is lead by Michele Mosca (University of Waterloo) and Douglas Stebila (McMaster University).

Contributors

  • Tancrède Lepoint (SRI)
  • Shravan Mishra (University of Waterloo)
  • Christian Paquin (Microsoft Research)
  • Alex Parent (University of Waterloo)

Support

Development of Open Quantum Safe has been supported in part by the Tutte Institute for Mathematics and Computing. Research projects which developed specific components of Open Quantum Safe have been supported by various research grants; see the source papers for funding acknowledgments.

About

C library for quantum-resistant cryptographic algorithms.

openquantumsafe.org/

Resources

Readme

License

View license
Activity
Custom properties

Stars

1 star

Watchers

16 watching

Forks

2 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages

  • C 97.9%
  • Makefile 1.8%
  • Shell 0.3%