Skip to content

Releases: open-quantum-safe/liboqs

liboqs version 0.7.2

21 Aug 19:54
Compare
Choose a tag to compare

liboqs version 0.7.2

About

The Open Quantum Safe (OQS) project has the goal of developing and prototyping quantum-resistant cryptography. More information on OQS can be found on our website: https://openquantumsafe.org/ and on Github at https://github.com/open-quantum-safe/.

liboqs is an open source C library for quantum-resistant cryptographic algorithms. Details about liboqs can be found in README.md. See in particular limitations on intended use.

liboqs can be used with the following Open Quantum Safe application integrations:

  • OQS-OpenSSL 1.1.1: A prototype integration of liboqs-based authentication and key exchange into TLS 1.3 in our fork of OpenSSL 1.1.1; see the OQS-OpenSSL-1_1_1-stable branch of our OpenSSL fork's repository.
  • oqs-provider: A standalone prototype OpenSSL 3 provider enabling liboqs-based quantum-safe and hybrid key exchange for TLS 1.3, and post-quantum and hybrid X.509 certificate generation and CMS operations.
  • OQS-BoringSSL: A prototype integration of liboqs-based authentication and key exchange into TLS 1.3 in our fork of BoringSSL; see https://github.com/open-quantum-safe/boringssl.
  • OQS-OpenSSH: A prototype integration of liboqs-based authentication and key exchange into Secure Shell (SSH) version 2 in our fork of OpenSSH; see https://github.com/open-quantum-safe/openssh.

Several demos are available for using the above libraries in applications, including Apache, Chromium, curl, haproxy, nginx, and Wireshark. Performance of liboqs in several settings is measured at https://openquantumsafe.org/benchmarking/.

liboqs can also be used in the following programming languages via language-specific wrappers:

Release notes

This is version 0.7.2 of liboqs. It was released on August 21, 2022.

Security considerations

This release removes Rainbow level 1 and all variants of SIDH and SIKE due to cryptanalytic breaks of those algorithms. Users are advised to move away from use of those algorithms immediately.

What's New

This release continues from the 0.7.1 release of liboqs.

The goal of this release is to provide a final release for algorithms that were included in Round 3 of the NIST Post-Quantum Standardization project. As the security status of some algorithms changed during Round 3, it drops algorithms known to be broken as of release (Rainbow level 1, SIKE). Some algorithms also updated their specification during Round 3; version 0.7.2 does not incorporate any algorithm changes that result in different input/output behaviour compared to version 0.7.1; such changes will included in version 0.8.0.

The next release of liboqs, version 0.8.0, will remove some algorithms that did not advance beyond NIST Round 3, update implementations based on algorithm/specification revisions that happened during Round 3, and begin to incorporate Round 4 changes. Discussion of algorithms to be removed in version 0.8.0 can be found in #1245.

Key encapsulation mechanisms

  • Kyber: Update implementation and switch use of symmetric crypto to OQS common code
  • HQC: Fix build on gcc-12
  • SIKE: Remove SIKE due to break (https://eprint.iacr.org/2022/975)

Digital signature schemes

  • Dilithium: Add ARMv8 optimized implementation and switch use of symmetric crypto to OQS common code
  • Picnic: Update implementation
  • Rainbow: Remove Rainbow level 1 due to break (https://eprint.iacr.org/2022/214)

Other changes

  • Add support for building on powerpc64
  • Update XKCP implementation
  • Improve SHA2 implementation on ARMv8
  • Improve AES implementation on ARMv8
  • Add aarch64 CPU feature detection on FreeBSD
  • Improve cross-compiling on Windows
  • Enable integration of liboqs into other CMake-based projects
  • Increment shared object library version

Detailed changelog

liboqs version 0.7.1

16 Dec 18:40
Compare
Choose a tag to compare

liboqs version 0.7.1

About

The Open Quantum Safe (OQS) project has the goal of developing and prototyping quantum-resistant cryptography. More information on OQS can be found on our website: https://openquantumsafe.org/ and on Github at https://github.com/open-quantum-safe/.

liboqs is an open source C library for quantum-resistant cryptographic algorithms. Details about liboqs can be found in README.md. See in particular limitations on intended use.

liboqs can be used with the following Open Quantum Safe application integrations:

  • OQS-OpenSSL 1.1.1: A prototype integration of liboqs-based authentication and key exchange into TLS 1.3 in our fork of OpenSSL 1.1.1; see the OQS-OpenSSL-1_1_1-stable branch of our OpenSSL fork's repository.
  • oqs-provider: A standalone prototype of liboqs-based key exchange for TLS 1.3 using the OpenSSL 3 (alpha) provider integration mechanism.
  • OQS-BoringSSL: A prototype integration of liboqs-based authentication and key exchange into TLS 1.3 in our fork of BoringSSL; see https://github.com/open-quantum-safe/boringssl.
  • OQS-OpenSSH: A prototype integration of liboqs-based authentication and key exchange into Secure Shell (SSH) version 2 in our fork of OpenSSH; see https://github.com/open-quantum-safe/openssh.

Several demos are available for using the above libraries in applications, including Apache, Chromium, curl, haproxy, nginx, and Wireshark. Performance of liboqs in several settings is measured at https://openquantumsafe.org/benchmarking/.

liboqs can also be used in the following programming languages via language-specific wrappers:

Release notes

This is version 0.7.1 of liboqs. It was released on December 16, 2021.

What's New

This release continues from the 0.7.0 release of liboqs.

Key encapsulation mechanisms

  • Add NTRU level 5 parameter sets (ntruhps40961229, ntruhrss1373)
  • Add NTRU Prime level 5 parameter sets (ntrulpr1277, sntrup1277)
  • Add ARMv8 aarch64 optimized implementations of Kyber and SABER
  • Minor updates to Kyber, NTRU, NTRU Prime, and SIKE implementations

Digital signature schemes

  • Minor updates to Dilithium implementation

Other changes

  • Optimized AES implementation on ARMv8 with crypto extensions.
  • Preliminary support for building on S390x platform
  • Improved build configurations on ARM platforms
  • Improvements to benchmarking harness, with improved precision on ARM platforms

Detailed changelog

Full Changelog: 0.7.0...0.7.1

liboqs version 0.7.0

11 Aug 21:23
Compare
Choose a tag to compare

liboqs version 0.7.0

About

The Open Quantum Safe (OQS) project has the goal of developing and prototyping quantum-resistant cryptography. More information on OQS can be found on our website: https://openquantumsafe.org/ and on Github at https://github.com/open-quantum-safe/.

liboqs is an open source C library for quantum-resistant cryptographic algorithms. Details about liboqs can be found in README.md. See in particular limitations on intended use.

liboqs can be used with the following Open Quantum Safe application integrations:

  • OQS-OpenSSL 1.1.1: A prototype integration of liboqs-based authentication and key exchange into TLS 1.3 in our fork of OpenSSL 1.1.1; see the OQS-OpenSSL-1_1_1-stable branch of our OpenSSL fork's repository.
  • oqs-provider: A standalone prototype of liboqs-based key exchange for TLS 1.3 using the OpenSSL 3 (alpha) provider integration mechanism.
  • OQS-BoringSSL: A prototype integration of liboqs-based authentication and key exchange into TLS 1.3 in our fork of BoringSSL; see https://github.com/open-quantum-safe/boringssl.

Several demos are available for using the above libraries in applications, including Apache, Chromium, curl, haproxy, and nginx. Performance of liboqs in several settings is measured at https://openquantumsafe.org/benchmarking/.

liboqs can also be used in the following programming languages via language-specific wrappers:

Release notes

This is version 0.7.0 of liboqs. It was released on August 11, 2021.

What's New

This release continues from the 0.6.0 release of liboqs.

Key encapsulation mechanisms

  • Update BIKE to Round 3 (version 3.2) -- add BIKE1, BIKE3, remove BIKE1-L1-CPA, BIKE1-L1-FO, BIKE1-L3-CPA, BIKE1-L3-FO
  • Update NTRU Prime implementation
  • Update SIKE implementation
  • Remove OQS_KEM_DEFAULT alias

Digital signature schemes

  • Remove OQS_SIG_DEFAULT alias

Other changes

  • Allow liboqs to build on other architectures, with preliminary builds on ppc64le and x86.
  • Support for building liboqs on Apple Silicon
  • New algorithm datasheets with more details on implementations.
  • Optimized SHA-256 implementation on ARMv8 with crypto extensions.

liboqs version 0.6.0

08 Jun 14:43
Compare
Choose a tag to compare

liboqs version 0.6.0

About

The Open Quantum Safe (OQS) project has the goal of developing and prototyping quantum-resistant cryptography. More information on OQS can be found on our website: https://openquantumsafe.org/ and on Github at https://github.com/open-quantum-safe/.

liboqs is an open source C library for quantum-resistant cryptographic algorithms. Details about liboqs can be found in README.md. See in particular limitations on intended use.

liboqs can be used with the following Open Quantum Safe application integrations:

  • OQS-OpenSSL 1.1.1: A prototype integration of liboqs-based authentication and key exchange into TLS 1.3 in our fork of OpenSSL 1.1.1; see the OQS-OpenSSL-1_1_1-stable branch of our OpenSSL fork's repository.
  • oqs-provider: A standalone prototype of liboqs-based key exchange for TLS 1.3 using the OpenSSL 3 (alpha) provider integration mechanism.
  • OQS-BoringSSL: A prototype integration of liboqs-based authentication and key exchange into TLS 1.3 in our fork of BoringSSL; see https://github.com/open-quantum-safe/boringssl.

Several demos are available for using the above libraries in applications, including Apache, Chromium, curl, haproxy, and nginx. Performance of liboqs in several settings is measured at https://openquantumsafe.org/benchmarking/.

liboqs can also be used in the following programming languages via language-specific wrappers:

Release notes

This is version 0.6.0 of liboqs. It was released on June 8, 2021.

What's New

This release continues from the 0.5.0 release of liboqs.

Key encapsulation mechanisms

  • Update Classic McEliece implementation
  • Bug fixes in SIKE
  • Bug fixes in HQC
  • Change unsigned char to uint8_t in KEM API
  • Fix wrong NIST level for Kyber768-90s

Digital signature schemes

  • Update SPHINCS+ to Round 3 version

Other changes

  • Improve random number generator when not relying on OpenSSL
  • Improve run-time and compile-time guarding of optimized code
  • Remove (unused) AES decryption code from common symmetric encryption code
  • Replace AES plain C implementation with a constant-time version
  • Update Windows cross-compiling toolchain
  • Build options changed:
    • By default, liboqs is now no longer built by default with CPU runtime feature detection and thus resulting executables may crash if not compiled suitably for the CPU on which the code shall be executed. For Docker files, we recommend setting OQS_DIST_BUILD to obtain code able to handle different CPU feature sets. Also, OQS_OPT_TARGET can be used to target a specific CPU at compile time. These flags are documented on the build options wiki page.

liboqs version 0.5.0

10 Mar 18:31
Compare
Choose a tag to compare

liboqs version 0.5.0

About

The Open Quantum Safe (OQS) project has the goal of developing and prototyping quantum-resistant cryptography. More information on OQS can be found on our website: https://openquantumsafe.org/ and on Github at https://github.com/open-quantum-safe/.

liboqs is an open source C library for quantum-resistant cryptographic algorithms. Details about liboqs can be found in README.md. See in particular limitations on intended use.

liboqs can be used with the following Open Quantum Safe application integrations:

  • OQS-OpenSSL 1.1.1: A prototype integration of liboqs-based authentication and key exchange into TLS 1.3 in our fork of OpenSSL 1.1.1; see the OQS-OpenSSL-1_1_1-stable branch of our OpenSSL fork's repository.
  • oqs-provider: A standalone prototype of liboqs-based key exchange for TLS 1.3 using the OpenSSL 3 (alpha) provider integration mechanism.
  • OQS-OpenSSH: A prototype integration of liboqs-based authentication and key exchange into SSH in our fork of OpenSSH 7.9; see the OQS-master branch of our OpenSSH fork's repository.
  • OQS-BoringSSL: A prototype integration of liboqs-based authentication and key exchange into TLS 1.3 in our fork of BoringSSL; see https://github.com/open-quantum-safe/boringssl.

Several demos are available for using the above libraries in applications, including Apache, Chromium, curl, haproxy, and nginx. Performance of liboqs in several settings is measured at https://openquantumsafe.org/benchmarking/.

liboqs can also be used in the following programming languages via language-specific wrappers:

Release notes

This is version 0.5.0 of liboqs. It was released on March 10, 2021.

What's New

This release continues from the 0.4.0 release of liboqs. Its main goal is to incorporate updates submitted to Round 3 of the NIST Post-Quantum Cryptography Standardization Project.

Deprecations

As a result of NIST's announcement of Round 3 of the Post-Quantum Cryptography Standardization Project, the 0.4.x series was the last release of liboqs to contain algorithms from Round 2 that are not Round 3 finalists or alternate candidates. Those algorithms have been removed in the 0.5.0 series. The algorithms in question are: NewHope, ThreeBears, MQDSS, and qTesla.

Key encapsulation mechanisms

  • BIKE: No changes.
  • Classic McEliece: Added AVX2 implementation.
  • FrodoKEM: Incorporate upstream bug fixes and add runtime CPU feature detection for AVX2/AES-NI implementation.
  • HQC: Update to Round 3 version.
  • Kyber: Update to Round 3 version.
  • NTRU: Incorporate upstream bug fixes.
  • NTRUPrime: Add NTRUPrime.
  • Saber: Update to Round 3 version.
  • SIKE: Update to version 3.4.

Digital signature schemes

  • Dilithium: Update to version 3.1.
  • Falcon: Update to Round 3 version.
  • Picnic: Update to Picnic v3.0.4.
  • Rainbow: Update to Round 3 version.
  • SPHINCS+: Incorporate upstream bug fixes.

Other changes

  • Support for building liboqs with CPU extensions has been enhanced, and most implementations now have runtime CPU feature detection.
  • A tool for benchmarking memory usage has been added (test_kem_mem and test_sig_mem).
  • Valgrind is used to check for secret-dependent branch throughout the library. Note that not all implementations currently avoid secret-dependent branching; see tests/constant_time for details.

liboqs version 0.4.0

12 Aug 00:30
Compare
Choose a tag to compare

liboqs version 0.4.0

About

The Open Quantum Safe (OQS) project has the goal of developing and prototyping quantum-resistant cryptography. More information on OQS can be found on our website: https://openquantumsafe.org/ and on Github at https://github.com/open-quantum-safe/.

liboqs is an open source C library for quantum-resistant cryptographic algorithms. Details about liboqs can be found in README.md. See in particular limitations on intended use.

liboqs can be used with the following Open Quantum Safe application integrations:

  • OQS-OpenSSL 1.1.1: A prototype integration of liboqs-based authentication and key exchange into TLS 1.3 in our fork of OpenSSL 1.1.1; see the OQS-OpenSSL-1_1_1-stable branch of our OpenSSL fork's repository.
  • OQS-OpenSSH 7.9 portable 1: A prototype integration of liboqs-based authentication and key exchange into SSH in our fork of OpenSSH 7.9; see the OQS-master branch of our OpenSSH fork's repository.
  • OQS-BoringSSL: A prototype integration of liboqs-based authentication and key exchange into TLS 1.3 in our fork of BoringSSL; see https://github.com/open-quantum-safe/boringssl.

liboqs can also be used in the following programming languages via language-specific wrappers:

Release notes

This is version 0.4.0 of liboqs. It was released on August 11, 2020.

What's New

This release continues from the 0.3.0 release of liboqs.

Key encapsulation mechanisms

  • HQC: Added version 2019/08/24
  • NewHope: Update to version 1.1
  • SIKE: Update to version 3.3

Digital signature schemes

  • Dilithium: Use version directly from PQCrystals GitHub
  • Picnic: Update to v3.0

Other changes

  • AES-NI support when liboqs does not use OpenSSL for AES

Deprecations

As a result of NIST's announcement of Round 3 of the Post-Quantum Cryptography Standardization Project, the 0.4.x series will be the last release(s) of liboqs that contain algorithms from Round 2 that are not Round 3 finalists or alternate candidates. Those algorithms will be removed in the 0.5.0 release. The algorithms in question are: NewHope, ThreeBears, MQDSS, and qTesla. These algorithms are considered deprecated within liboqs and will receive no updates after this release.

liboqs version 0.3.0

10 Jun 15:59
Compare
Choose a tag to compare

liboqs version 0.3.0

About

The Open Quantum Safe (OQS) project has the goal of developing and prototyping quantum-resistant cryptography. More information on OQS can be found on our website: https://openquantumsafe.org/ and on Github at https://github.com/open-quantum-safe/.

liboqs is an open source C library for quantum-resistant cryptographic algorithms. Details about liboqs can be found in README.md. See in particular limitations on intended use.

liboqs can be used with the following Open Quantum Safe application integrations:

  • OQS-OpenSSL 1.1.1: A prototype integration of liboqs-based authentication and key exchange into TLS 1.3 in our fork of OpenSSL 1.1.1; see the OQS-OpenSSL-1_1_1-stable branch of our OpenSSL fork's repository.
  • OQS-OpenSSH 7.9 portable 1: A prototype integration of liboqs-based authentication and key exchange into SSH in our fork of OpenSSH 7.9; see the OQS-master branch of our OpenSSH fork's repository.
  • OQS-BoringSSL: A prototype integration of liboqs-based authentication and key exchange into TLS 1.3 in our fork of BoringSSL; see https://github.com/open-quantum-safe/boringssl.

liboqs can also be used in the following programming languages via language-specific wrappers:

Release notes

This is version 0.3.0 of liboqs, which was released on June 10, 2020. Its release page on GitHub is https://github.com/open-quantum-safe/liboqs/releases/tag/0.3.0.

What's New

This release continues from the 0.2.0 release of liboqs.

Key encapsulation mechanisms

  • BIKE: Update to Round 2 submission; removes BIKE2-*, BIKE3-*, BIKE1-L5, renames BIKE1-L1 and BIKE1-L3 to BIKE1-L1-CPA and BIKE1-L3-CPA, and adds BIKE1-L1-FO and BIKE-L3-FO
  • Classic McEliece: Newly added
  • Kyber: Add "90s variants": Kyber512-90s, Kyber768-90s, Kyber1024-90s
  • LEDAcrypt: Newly added
  • ThreeBears: Newly added

Digital signature schemes

  • Falcon: Newly added
  • MQDSS: Update to v2.1
  • Picnic: Update to v2.2
  • qTesla: Update to v1.0
  • Rainbow: Newly added
  • SPHINCS+: Add AVX2 and AESNI implementations

Other changes

  • Switch build system to CMake
  • Add support for building via Mingw on Windows
  • Support cross compilation via CMake to Raspberry Pi, Android, Windows, and more
  • Most optimizations dependent on specific CPU features are automatically detected at runtime, rather than being selected at compile-time

liboqs version 0.2.0

08 Oct 22:46
Compare
Choose a tag to compare

liboqs version 0.2.0

About

The Open Quantum Safe (OQS) project has the goal of developing and prototyping quantum-resistant cryptography. More information on OQS can be found on our website: https://openquantumsafe.org/ and on Github at https://github.com/open-quantum-safe/.

liboqs is an open source C library for quantum-resistant cryptographic algorithms. Details about liboqs can be found in README.md. See in particular limitations on intended use.

liboqs can be used with the following Open Quantum Safe application integrations:

  • OpenSSL 1.0.2: A prototype integration of liboqs-based authentication and key exchange into TLS 1.2 in our fork of OpenSSL 1.0.2; see the OQS-OpenSSL-1_0_2-stable branch of our OpenSSL fork's repository.
  • OpenSSL 1.1.1: A prototype integration of liboqs-based authentication and key exchange into TLS 1.3 in our fork of OpenSSL 1.1.1; see the OQS-OpenSSL-1_1_1-stable branch of our OpenSSL fork's repository.
  • OpenSSH 7.9 portable 1: A prototype integration of liboqs-based authentication and key exchange into SSH in our fork of OpenSSH 7.9; see the OQS-master branch of our OpenSSH fork's repository.

liboqs can also be used in the following programming languages via language-specific wrappers:

Release notes

This release of liboqs was released on October 9, 2019. Its release page on GitHub is https://github.com/open-quantum-safe/liboqs/releases/tag/0.2.0.

What's New

This release continues from the 0.1.0 release of liboqs "master branch".

Key encapsulation mechanisms

  • Update FrodoKEM, NewHope, and SIDH/SIKE to NIST Round 2 submissions
  • Add Kyber, NTRU, and Saber NIST Round 2 submissions

Digital signature schemes

  • Update Picnic to NIST Round 2 submissions
  • Add Dilithium, MQDSS, Rainbow, and SPHINCS+ NIST Round 2 submissions

Other changes

  • Add support for cross-compilation on ARM
  • Add more extensive continuous integration testing
  • Use OpenSSL for AES, SHA-2, and SHA-3 where available
  • Add functions for runtime detection of whether KEM and signature scheme algorithms are enabled

Previous releases of liboqs differentiated between "master branch" and "nist-branch", with nist-branch supporting more algorithms. As of this release, nist-branch will no longer be developed or released, and all future releases are planned to be based on master branch.

Future work

Releases of liboqs master branch will be made every 2 to 3 months. Details about the algorithm lifecycle of master branch can be found at https://github.com/open-quantum-safe/liboqs/wiki/Contributing-Guide. Plans for the next release can be found online at https://github.com/open-quantum-safe/liboqs/projects/11

liboqs nist-branch snapshot-2018-11

13 Nov 16:43
Compare
Choose a tag to compare

liboqs nist-branch snapshot 2018-11

About

The Open Quantum Safe (OQS) project has the goal of developing and prototyping quantum-resistant cryptography. More information on OQS can be found on our website: https://openquantumsafe.org/ and on Github at https://github.com/open-quantum-safe/.

liboqs is an open source C library for quantum-resistant cryptographic algorithms.

This branch of liboqs (nist-branch) focuses on incorporating submissions to the NIST Post-Quantum Cryptography standardization project. Details about nist-branch can be found in README.md. See in particular limitations on intended use.

This branch of liboqs can be used with the following Open Quantum Safe application integrations:

  • OpenSSL 1.0.2: A prototype integration of liboqs-based key exchange into TLS 1.2 in our fork of OpenSSL 1.0.2; see the OQS-OpenSSL-1_0_2-stable branch of our OpenSSL fork's repository.
  • OpenSSL 1.1.1: A prototype integration of liboqs-based key exchange and authentication into TLS 1.3 in our fork of OpenSSL 1.1.1; see the OQS-OpenSSL-1_1_1-stable branch of our OpenSSL fork's repository.
  • OpenSSH 7.7 portable 1: A prototype integration of liboqs-based key exchange into SSH in our fork of OpenSSH 7.7; see the OQS-master branch of our OpenSSH fork's repository.

Release notes

This snapshot of nist-branch was released on November 13, 2018. Its release page on Github is https://github.com/open-quantum-safe/liboqs/releases/tag/nist-branch-snapshot-2018-11.

What's New

This is the fourth snapshot release of liboqs nist-branch.

New key encapsulation mechanisms

The following KEMs have been added in the 2018-11 snapshot release:

  • Titanium: 4 parameterizations: Titanium-CCA-std, Titanium-CCA-med, Titanium-CCA-hi, Titanium-CCA-super (contributed by Ben Davies (University of Waterloo))

The BIKE implementation was updated.

New signature schemes

The following signature schemes have been added in the 2018-11 snapshot release:

  • CRYSTALS-Dilithium: 3 parameterizations: Dilithium_II_medium, Dilithium_III_recommended, Dilithium_IV_very_high (contributed by Tancrède Lepoint)

The qTESLA implementation was updated with a new upstream version (2018-07-28).

API changes

  • The public and private API have been more clearly delineated. The public API is now deemed to consist of oqs/common.h, oqs/oqsconfig.h, oqs/kem.h, oqs/rand.h, and oqs/sig.h and is marked with OQS_API.
  • An alg_version field is present on the OQS_KEM and OQS_SIG objects to indicate the version of the algorithm present.

Fixes

Future work

Snapshot releases of nist-branch will be made monthly. Plans for the next snapshot release of nist-branch can be found online at https://github.com/open-quantum-safe/liboqs/projects/10.

liboqs master branch version 0.1.0

13 Nov 16:43
Compare
Choose a tag to compare

liboqs master branch version 0.1.0

About

The Open Quantum Safe (OQS) project has the goal of developing and prototyping quantum-resistant cryptography. More information on OQS can be found on our website: https://openquantumsafe.org/ and on Github at https://github.com/open-quantum-safe/.

liboqs is an open source C library for quantum-resistant cryptographic algorithms.

This branch of liboqs (master branch) aims to selectively incorporate allegedly quantum-resistant key encapsulation mechanisms and signature schemes, for the purposes of integration into a common API for liboqs-reliant applications. Details about liboqs master branch can be found in README.md. See in particular limitations on intended use and acceptance criteria.

This branch of liboqs can be used with the following Open Quantum Safe application integrations:

  • OpenSSL 1.0.2: A prototype integration of liboqs-based key exchange into TLS 1.2 in our fork of OpenSSL 1.0.2; see the OQS-OpenSSL-1_0_2-stable branch of our OpenSSL fork's repository.
  • OpenSSL 1.1.1: A prototype integration of liboqs-based key exchange and authentication into TLS 1.3 in our fork of OpenSSL 1.1.1; see the OQS-OpenSSL-1_1_1-stable branch of our OpenSSL fork's repository.
  • OpenSSH 7.7 portable 1: A prototype integration of liboqs-based key exchange into SSH in our fork of OpenSSH 7.7; see the OQS-master branch of our OpenSSH fork's repository.

Release notes

This release of liboqs master branch was released on November 13, 2018. Its release page on GitHub is https://github.com/open-quantum-safe/liboqs/releases/tag/master-0.1.0.

What's New

This is the first release of liboqs master branch.

This branch of liboqs aims to selectively incorporate allegedly quantum-resistant key encapsulation mechanisms and signature schemes, for the purposes of integration into a common API for liboqs-reliant applications. Implementations on this branch must meet certain acceptance criteria as indicated in README.md.

Key encapsulation mechanisms

The following KEMs are present in this liboqs master release:

  • BIKE, based on quasi-cyclic syndrome decoding; 9 parameterizations: BIKE1-L1, BIKE1-L3, BIKE1-L5, BIKE2-L1, BIKE2-L3, BIKE2-L5, BIKE3-L1, BIKE3-L3, BIKE3-L5
  • FrodoKEM, based on learning with errors; 4 parameterizations: FrodoKEM-640-AES, FrodoKEM-640-cSHAKE, FrodoKEM-976-AES, FrodoKEM-976-cSHAKE
  • NewHopeNIST, based on ring learning with errors; 2 parameterizations: NewHope-512-CCA-KEM, NewHope-1024-CCA-KEM
  • SIKE and SIDH, based on the supersingular isogeny walk problem; 4 parameterizations: Sike-p503, Sike-p751, Sidh-p503, Sidh-p751

Digital signature schemes

The following signature schemes are present in this liboqs master release:

  • Picnic: based on hash function and key recovery security of lowMC block cipher; 6 parameterizations: picnic_L1_FS, picnic_L1_UR, picnic_L3_FS, picnic_L3_UR, picnic_L5_FS, picnic_L5_UR
  • qTESLA, based on ring learning with errors; 3 parameterizations: qTESLA_I, qTESLA_III_size, qTESLA_III_speed

Future work

Releases of liboqs master branch will be made every 2 to 3 months. Details about the algorithm lifecycle of master branch can be found in README.md. Plans for the next release can be found online at https://github.com/open-quantum-safe/liboqs/projects/12.