Skip to content

liboqs version 0.5.0

Choose a tag to compare
@dstebila dstebila released this 10 Mar 18:31
· 278 commits to main since this release

liboqs version 0.5.0


The Open Quantum Safe (OQS) project has the goal of developing and prototyping quantum-resistant cryptography. More information on OQS can be found on our website: and on Github at

liboqs is an open source C library for quantum-resistant cryptographic algorithms. Details about liboqs can be found in See in particular limitations on intended use.

liboqs can be used with the following Open Quantum Safe application integrations:

  • OQS-OpenSSL 1.1.1: A prototype integration of liboqs-based authentication and key exchange into TLS 1.3 in our fork of OpenSSL 1.1.1; see the OQS-OpenSSL-1_1_1-stable branch of our OpenSSL fork's repository.
  • oqs-provider: A standalone prototype of liboqs-based key exchange for TLS 1.3 using the OpenSSL 3 (alpha) provider integration mechanism.
  • OQS-OpenSSH: A prototype integration of liboqs-based authentication and key exchange into SSH in our fork of OpenSSH 7.9; see the OQS-master branch of our OpenSSH fork's repository.
  • OQS-BoringSSL: A prototype integration of liboqs-based authentication and key exchange into TLS 1.3 in our fork of BoringSSL; see

Several demos are available for using the above libraries in applications, including Apache, Chromium, curl, haproxy, and nginx. Performance of liboqs in several settings is measured at

liboqs can also be used in the following programming languages via language-specific wrappers:

Release notes

This is version 0.5.0 of liboqs. It was released on March 10, 2021.

What's New

This release continues from the 0.4.0 release of liboqs. Its main goal is to incorporate updates submitted to Round 3 of the NIST Post-Quantum Cryptography Standardization Project.


As a result of NIST's announcement of Round 3 of the Post-Quantum Cryptography Standardization Project, the 0.4.x series was the last release of liboqs to contain algorithms from Round 2 that are not Round 3 finalists or alternate candidates. Those algorithms have been removed in the 0.5.0 series. The algorithms in question are: NewHope, ThreeBears, MQDSS, and qTesla.

Key encapsulation mechanisms

  • BIKE: No changes.
  • Classic McEliece: Added AVX2 implementation.
  • FrodoKEM: Incorporate upstream bug fixes and add runtime CPU feature detection for AVX2/AES-NI implementation.
  • HQC: Update to Round 3 version.
  • Kyber: Update to Round 3 version.
  • NTRU: Incorporate upstream bug fixes.
  • NTRUPrime: Add NTRUPrime.
  • Saber: Update to Round 3 version.
  • SIKE: Update to version 3.4.

Digital signature schemes

  • Dilithium: Update to version 3.1.
  • Falcon: Update to Round 3 version.
  • Picnic: Update to Picnic v3.0.4.
  • Rainbow: Update to Round 3 version.
  • SPHINCS+: Incorporate upstream bug fixes.

Other changes

  • Support for building liboqs with CPU extensions has been enhanced, and most implementations now have runtime CPU feature detection.
  • A tool for benchmarking memory usage has been added (test_kem_mem and test_sig_mem).
  • Valgrind is used to check for secret-dependent branch throughout the library. Note that not all implementations currently avoid secret-dependent branching; see tests/constant_time for details.