CINXE.COM

FAQ | Open Quantum Safe

<!DOCTYPE html> <html lang="en-US"> <head> <meta charset="UTF-8"> <meta http-equiv="X-UA-Compatible" content="IE=Edge"> <link rel="stylesheet" href="/assets/css/just-the-docs-default.css"> <link rel="stylesheet" href="/assets/css/just-the-docs-head-nav.css" id="jtd-head-nav-stylesheet"> <style id="jtd-nav-activation"> .site-nav > ul.nav-list:first-child > li:not(:nth-child(3)) > a, .site-nav > ul.nav-list:first-child > li > ul > li a { background-image: none; } .site-nav > ul.nav-list:not(:first-child) a, .site-nav li.external a { background-image: none; } .site-nav > ul.nav-list:first-child > li:nth-child(3) > a { font-weight: 600; text-decoration: none; }.site-nav > ul.nav-list:first-child > li:nth-child(3) > button svg { transform: rotate(-90deg); }.site-nav > ul.nav-list:first-child > li.nav-list-item:nth-child(3) > ul.nav-list { display: block; } </style> <script src="/assets/js/vendor/lunr.min.js"></script> <script src="/assets/js/just-the-docs.js"></script> <meta name="viewport" content="width=device-width, initial-scale=1"> <!-- Begin Jekyll SEO tag v2.8.0 --> <title>FAQ | Open Quantum Safe</title> <meta name="generator" content="Jekyll v4.4.1" /> <meta property="og:title" content="FAQ" /> <meta property="og:locale" content="en_US" /> <meta name="description" content="Open-source software for prototyping quantum-resistant cryptography" /> <meta property="og:description" content="Open-source software for prototyping quantum-resistant cryptography" /> <link rel="canonical" href="https://openquantumsafe.org/faq.html" /> <meta property="og:url" content="https://openquantumsafe.org/faq.html" /> <meta property="og:site_name" content="Open Quantum Safe" /> <meta property="og:type" content="website" /> <meta name="twitter:card" content="summary" /> <meta property="twitter:title" content="FAQ" /> <script type="application/ld+json"> {"@context":"https://schema.org","@type":"WebPage","description":"Open-source software for prototyping quantum-resistant cryptography","headline":"FAQ","url":"https://openquantumsafe.org/faq.html"}</script> <!-- End Jekyll SEO tag --> <link href="https://fonts.googleapis.com/css?family=Montserrat:400,700" rel="stylesheet" type="text/css"> <link href='https://fonts.googleapis.com/css?family=Droid+Serif:400,700,400italic,700italic' rel='stylesheet' type='text/css'> <link rel="icon" type="image/png" href="https://openquantumsafe.org/img/logos/oqs-square-32.png" sizes="32x32" /> <link rel="icon" type="image/png" href="https://openquantumsafe.org/img/logos/oqs-square-152.png" sizes="152x152" /> <link rel="icon" type="image/png" href="https://openquantumsafe.org/img/logos/oqs-square-152.png" sizes="160x160" /> <link rel="icon" type="image/png" href="https://openquantumsafe.org/img/logos/oqs-square-192.png" sizes="192x192" /> <link rel="icon" type="image/jpeg" href="https://openquantumsafe.org/img/logos/oqs-square-768.jpg" sizes="768x768" /> <link rel="apple-touch-icon" href="https://openquantumsafe.org/img/logos/oqs-square-152.png" /> <meta property="og:image" content="https://openquantumsafe.org/img/logos/oqs-square-768.jpg" /> <meta property="og:image:type" content="image/jpeg" /> <meta property="og:image:width" content="768" /> <meta property="og:image:height" content="768" /> <style> * { font-feature-settings: "tnum"; font-variant-numeric: tabular-nums; } </style> </head> <body> <a class="skip-to-main" href="#main-content">Skip to main content</a> <svg xmlns="http://www.w3.org/2000/svg" class="d-none"> <symbol id="svg-link" viewBox="0 0 24 24"> <title>Link</title> <svg xmlns="http://www.w3.org/2000/svg" width="24" height="24" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round" class="feather feather-link"> <path d="M10 13a5 5 0 0 0 7.54.54l3-3a5 5 0 0 0-7.07-7.07l-1.72 1.71"></path><path d="M14 11a5 5 0 0 0-7.54-.54l-3 3a5 5 0 0 0 7.07 7.07l1.71-1.71"></path> </svg> </symbol> <symbol id="svg-menu" viewBox="0 0 24 24"> <title>Menu</title> <svg xmlns="http://www.w3.org/2000/svg" width="24" height="24" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round" class="feather feather-menu"> <line x1="3" y1="12" x2="21" y2="12"></line><line x1="3" y1="6" x2="21" y2="6"></line><line x1="3" y1="18" x2="21" y2="18"></line> </svg> </symbol> <symbol id="svg-arrow-right" viewBox="0 0 24 24"> <title>Expand</title> <svg xmlns="http://www.w3.org/2000/svg" width="24" height="24" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round" class="feather feather-chevron-right"> <polyline points="9 18 15 12 9 6"></polyline> </svg> </symbol> <!-- Feather. MIT License: https://github.com/feathericons/feather/blob/master/LICENSE --> <symbol id="svg-external-link" width="24" height="24" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round" class="feather feather-external-link"> <title id="svg-external-link-title">(external link)</title> <path d="M18 13v6a2 2 0 0 1-2 2H5a2 2 0 0 1-2-2V8a2 2 0 0 1 2-2h6"></path><polyline points="15 3 21 3 21 9"></polyline><line x1="10" y1="14" x2="21" y2="3"></line> </symbol> <symbol id="svg-doc" viewBox="0 0 24 24"> <title>Document</title> <svg xmlns="http://www.w3.org/2000/svg" width="24" height="24" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round" class="feather feather-file"> <path d="M13 2H6a2 2 0 0 0-2 2v16a2 2 0 0 0 2 2h12a2 2 0 0 0 2-2V9z"></path><polyline points="13 2 13 9 20 9"></polyline> </svg> </symbol> <symbol id="svg-search" viewBox="0 0 24 24"> <title>Search</title> <svg xmlns="http://www.w3.org/2000/svg" width="24" height="24" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round" class="feather feather-search"> <circle cx="11" cy="11" r="8"></circle><line x1="21" y1="21" x2="16.65" y2="16.65"></line> </svg> </symbol> <!-- Bootstrap Icons. MIT License: https://github.com/twbs/icons/blob/main/LICENSE.md --> <symbol id="svg-copy" viewBox="0 0 16 16"> <title>Copy</title> <svg xmlns="http://www.w3.org/2000/svg" width="16" height="16" fill="currentColor" class="bi bi-clipboard" viewBox="0 0 16 16"> <path d="M4 1.5H3a2 2 0 0 0-2 2V14a2 2 0 0 0 2 2h10a2 2 0 0 0 2-2V3.5a2 2 0 0 0-2-2h-1v1h1a1 1 0 0 1 1 1V14a1 1 0 0 1-1 1H3a1 1 0 0 1-1-1V3.5a1 1 0 0 1 1-1h1v-1z"/> <path d="M9.5 1a.5.5 0 0 1 .5.5v1a.5.5 0 0 1-.5.5h-3a.5.5 0 0 1-.5-.5v-1a.5.5 0 0 1 .5-.5h3zm-3-1A1.5 1.5 0 0 0 5 1.5v1A1.5 1.5 0 0 0 6.5 4h3A1.5 1.5 0 0 0 11 2.5v-1A1.5 1.5 0 0 0 9.5 0h-3z"/> </svg> </symbol> <symbol id="svg-copied" viewBox="0 0 16 16"> <title>Copied</title> <svg xmlns="http://www.w3.org/2000/svg" width="16" height="16" fill="currentColor" class="bi bi-clipboard-check-fill" viewBox="0 0 16 16"> <path d="M6.5 0A1.5 1.5 0 0 0 5 1.5v1A1.5 1.5 0 0 0 6.5 4h3A1.5 1.5 0 0 0 11 2.5v-1A1.5 1.5 0 0 0 9.5 0h-3Zm3 1a.5.5 0 0 1 .5.5v1a.5.5 0 0 1-.5.5h-3a.5.5 0 0 1-.5-.5v-1a.5.5 0 0 1 .5-.5h3Z"/> <path d="M4 1.5H3a2 2 0 0 0-2 2V14a2 2 0 0 0 2 2h10a2 2 0 0 0 2-2V3.5a2 2 0 0 0-2-2h-1v1A2.5 2.5 0 0 1 9.5 5h-3A2.5 2.5 0 0 1 4 2.5v-1Zm6.854 7.354-3 3a.5.5 0 0 1-.708 0l-1.5-1.5a.5.5 0 0 1 .708-.708L7.5 10.793l2.646-2.647a.5.5 0 0 1 .708.708Z"/> </svg> </symbol> </svg> <div class="side-bar"> <div class="site-header" role="banner"> <a href="/" class="site-title lh-tight"><span style="font-family: 'Montserrat'; text-transform: uppercase; font-weight: 700; font-size: 75%; text-align: center;">Open&nbsp;Quantum&nbsp;Safe</span> </a> <button id="menu-button" class="site-button btn-reset" aria-label="Toggle menu" aria-pressed="false"> <svg viewBox="0 0 24 24" class="icon" aria-hidden="true"><use xlink:href="#svg-menu"></use></svg> </button> </div> <nav aria-label="Main" id="site-nav" class="site-nav"> <ul class="nav-list"><li class="nav-list-item"><a href="/" class="nav-list-link">Home</a></li><li class="nav-list-item"><a href="/post-quantum-crypto.html" class="nav-list-link">Post-quantum cryptography</a></li><li class="nav-list-item"><a href="/faq.html" class="nav-list-link">FAQ</a></li><li class="nav-list-item"><button class="nav-list-expander btn-reset" aria-label="toggle items in About our project category" aria-pressed="false"> <svg viewBox="0 0 24 24" aria-hidden="true"><use xlink:href="#svg-arrow-right"></use></svg> </button><a href="/about/" class="nav-list-link">About our project</a><ul class="nav-list"><li class="nav-list-item"><a href="/news/" class="nav-list-link">News</a></li><li class="nav-list-item"><a href="/about/sponsors.html" class="nav-list-link">Sponsors</a></li></ul></li><li class="nav-list-item"><button class="nav-list-expander btn-reset" aria-label="toggle items in liboqs category" aria-pressed="false"> <svg viewBox="0 0 24 24" aria-hidden="true"><use xlink:href="#svg-arrow-right"></use></svg> </button><a href="/liboqs/" class="nav-list-link">liboqs</a><ul class="nav-list"><li class="nav-list-item"><a href="/liboqs/getting-started.html" class="nav-list-link">Getting started</a></li><li class="nav-list-item"><button class="nav-list-expander btn-reset" aria-label="toggle items in Algorithms category" aria-pressed="false"> <svg viewBox="0 0 24 24" aria-hidden="true"><use xlink:href="#svg-arrow-right"></use></svg> </button><a href="/liboqs/algorithms/" class="nav-list-link">Algorithms</a><ul class="nav-list"><li class="nav-list-item"><a href="/liboqs/algorithms/kem/bike.html" class="nav-list-link">BIKE</a></li><li class="nav-list-item"><a href="/liboqs/algorithms/kem/classic_mceliece.html" class="nav-list-link">Classic McEliece</a></li><li class="nav-list-item"><a href="/liboqs/algorithms/sig/cross.html" class="nav-list-link">CROSS</a></li><li class="nav-list-item"><a href="/liboqs/algorithms/sig/dilithium.html" class="nav-list-link">Dilithium</a></li><li class="nav-list-item"><a href="/liboqs/algorithms/sig/falcon.html" class="nav-list-link">Falcon</a></li><li class="nav-list-item"><a href="/liboqs/algorithms/kem/frodokem.html" class="nav-list-link">FrodoKEM</a></li><li class="nav-list-item"><a href="/liboqs/algorithms/kem/hqc.html" class="nav-list-link">HQC</a></li><li class="nav-list-item"><a href="/liboqs/algorithms/kem/kyber.html" class="nav-list-link">Kyber</a></li><li class="nav-list-item"><a href="/liboqs/algorithms/sig_stfl/lms.html" class="nav-list-link">LMS</a></li><li class="nav-list-item"><a href="/liboqs/algorithms/sig/mayo.html" class="nav-list-link">MAYO</a></li><li class="nav-list-item"><a href="/liboqs/algorithms/sig/ml-dsa.html" class="nav-list-link">ML-DSA</a></li><li class="nav-list-item"><a href="/liboqs/algorithms/kem/ml-kem.html" class="nav-list-link">ML-KEM</a></li><li class="nav-list-item"><a href="/liboqs/algorithms/kem/ntruprime.html" class="nav-list-link">NTRU-Prime</a></li><li class="nav-list-item"><a href="/liboqs/algorithms/sig/sphincs.html" class="nav-list-link">SPHINCS+</a></li><li class="nav-list-item"><a href="/liboqs/algorithms/sig_stfl/xmss.html" class="nav-list-link">XMSS</a></li></ul></li><li class="nav-list-item"><a href="/liboqs/security.html" class="nav-list-link">Security policy</a></li><li class="nav-list-item"><button class="nav-list-expander btn-reset" aria-label="toggle items in C example code category" aria-pressed="false"> <svg viewBox="0 0 24 24" aria-hidden="true"><use xlink:href="#svg-arrow-right"></use></svg> </button><a href="/liboqs/examples/" class="nav-list-link">C example code</a><ul class="nav-list"><li class="nav-list-item"><a href="/liboqs/examples/kem.html" class="nav-list-link">Encapsulation and decapsulation</a></li><li class="nav-list-item"><a href="/liboqs/examples/sig.html" class="nav-list-link">Signing and verification</a></li></ul></li><li class="nav-list-item"><button class="nav-list-expander btn-reset" aria-label="toggle items in C API documentation category" aria-pressed="false"> <svg viewBox="0 0 24 24" aria-hidden="true"><use xlink:href="#svg-arrow-right"></use></svg> </button><a href="/liboqs/api/" class="nav-list-link">C API documentation</a><ul class="nav-list"></ul></li><li class="nav-list-item"><a href="/liboqs/wrappers.html" class="nav-list-link">Language wrappers</a></li><li class="nav-list-item"><a href="/liboqs/license.html" class="nav-list-link">License</a></li></ul></li><li class="nav-list-item"><button class="nav-list-expander btn-reset" aria-label="toggle items in Applications and protocols category" aria-pressed="false"> <svg viewBox="0 0 24 24" aria-hidden="true"><use xlink:href="#svg-arrow-right"></use></svg> </button><a href="/applications/" class="nav-list-link">Applications and protocols</a><ul class="nav-list"><li class="nav-list-item"><a href="/applications/tls.html" class="nav-list-link">TLS</a></li><li class="nav-list-item"><a href="/applications/ssh.html" class="nav-list-link">SSH</a></li><li class="nav-list-item"><a href="/applications/x509.html" class="nav-list-link">X.509</a></li><li class="nav-list-item"><a href="/applications/smime.html" class="nav-list-link">CMS and S/MIME</a></li><li class="nav-list-item"><a href="/applications/external.html" class="nav-list-link">External users of OQS</a></li></ul></li><li class="nav-list-item"><a href="/research/" class="nav-list-link">Research</a></li><li class="nav-list-item"><a href="/benchmarking/" class="nav-list-link">Benchmarking</a></li><li class="nav-list-item"><a href="/team/" class="nav-list-link">Team</a></li></ul> </nav> <footer class="site-footer"> </footer> </div> <div class="main" id="top"> <div id="main-header" class="main-header"> <div class="search" role="search"> <div class="search-input-wrap"> <input type="text" id="search-input" class="search-input" tabindex="0" placeholder="Search Open&nbsp;Quantum&nbsp;Safe" aria-label="Search Open&nbsp;Quantum&nbsp;Safe" autocomplete="off"> <label for="search-input" class="search-label"><svg viewBox="0 0 24 24" class="search-icon"><use xlink:href="#svg-search"></use></svg></label> </div> <div id="search-results" class="search-results"></div> </div> </div> <div class="main-content-wrap"> <div id="main-content" class="main-content"> <main> <h1 id="frequently-asked-questions"> <a href="#frequently-asked-questions" class="anchor-heading" aria-labelledby="frequently-asked-questions"><svg viewBox="0 0 16 16" aria-hidden="true"><use xlink:href="#svg-link"></use></svg></a> Frequently Asked Questions </h1> <h3 id="what-is-post-quantum--what-does-quantum-safe-mean"> <a href="#what-is-post-quantum--what-does-quantum-safe-mean" class="anchor-heading" aria-labelledby="what-is-post-quantum--what-does-quantum-safe-mean"><svg viewBox="0 0 16 16" aria-hidden="true"><use xlink:href="#svg-link"></use></svg></a> What is post-quantum? What does quantum-safe mean? </h3> <p>PQ stands for <strong>post-quantum cryptography</strong>, which is cryptography that aims to be resistant to attack by quantum computers. Post-quantum cryptography is also sometimes called <strong>quantum-resistant cryptography</strong> or <strong>quantum-safe cryptography</strong>. See our <a href="/post-quantum-crypto">short primer on post-quantum cryptography</a> or read more details at <a href="https://en.wikipedia.org/wiki/Post-quantum_cryptography">Wikipedia</a>.</p> <h3 id="does-post-quantum-cryptography-require-a-quantum-computer"> <a href="#does-post-quantum-cryptography-require-a-quantum-computer" class="anchor-heading" aria-labelledby="does-post-quantum-cryptography-require-a-quantum-computer"><svg viewBox="0 0 16 16" aria-hidden="true"><use xlink:href="#svg-link"></use></svg></a> Does post-quantum cryptography require a quantum computer? </h3> <p>No, post-quantum cryptography does not require a quantum computer to run: post-quantum algorithms can be implemented on today’s computers. Post-quantum means that the algorithms are conjectured to be secure even if an attacker someday has a quantum computer.</p> <h3 id="are-post-quantum-algorithms-really-secure"> <a href="#are-post-quantum-algorithms-really-secure" class="anchor-heading" aria-labelledby="are-post-quantum-algorithms-really-secure"><svg viewBox="0 0 16 16" aria-hidden="true"><use xlink:href="#svg-link"></use></svg></a> Are post-quantum algorithms really secure? </h3> <p>Like most cryptography algorithms, post-quantum cryptography algorithms rely on assumptions that certain mathematical problems are hard to break. In general, we do not have proofs that these mathematical problems are in fact hard to break, but mathematicians and cryptographers around the world who have studied these algorithms intently have not been able to succeed in breaking them.</p> <h3 id="what-is-the-status-of-pq-standardization"> <a href="#what-is-the-status-of-pq-standardization" class="anchor-heading" aria-labelledby="what-is-the-status-of-pq-standardization"><svg viewBox="0 0 16 16" aria-hidden="true"><use xlink:href="#svg-link"></use></svg></a> What is the status of PQ standardization? </h3> <p>The worldwide effort for developing and standardizing is centred around the <a href="https://csrc.nist.gov/projects/post-quantum-cryptography">NIST Post-Quantum Cryptography Standardization Project</a>. In 2016, the NIST PQC project issued a call for proposals for quantum-resistant digital signature and key encapsulation mechanisms, kicking off a multi-year project to standardize one or more quantum-resistant cryptosystems after several rounds of public review and comment. In 2022, NIST announced its selection of 4 algorithms for standardization: the key encapsulation mechanism CRYSTALS-Kyber, and three signature schemes CRYSTALS-Dilithium, Falcon, and SPHINCS+. In 2023, NIST released draft standards for 3 of those algorithms. In 2024, NIST published FIPS 202, 203, and 204, specifying the ML-KEM (Kyber), ML-DSA (Dilithium), and SLH-DSA (SPHINCS+) algorithms. NIST continues to evaluate additional post-quantum algorithms for potential standardization.</p> <p>Standardization of post-quantum algorithms is also taking place in other bodies. The <a href="https://datatracker.ietf.org/rg/cfrg/about/">Crypto Forum Research Group</a> within the Internet Engineering Task Force has standardized two stateful hash-based signature schemes (XMSS and LMS/HSS). The International Organization for Standardization (ISO) is also considering the standardization of several post-quantum algorithms. Other countries are also evaluating and standardizing post-quantum cryptography.</p> <p>As of September 2024, here is the status of NIST and IETF standards-track post-quantum algorithms:</p> <p>Key encapsulation mechanisms:</p> <ul> <li>ML-KEM a.k.a. CRYSTALS-Kyber: <a href="https://csrc.nist.gov/pubs/fips/203/final">FIPS 203 published by NIST</a></li> </ul> <p>Digital signature schemes:</p> <ul> <li>ML-DSA a.k.a. CRYSTALS-Dilithium: <a href="https://csrc.nist.gov/pubs/fips/204/final">FIPS 204 published by NIST</a></li> <li>Falcon: draft standard under development by NIST</li> <li>SLH-DSA a.k.a. SPHINCS+: <a href="https://csrc.nist.gov/pubs/fips/205/final">FIPS 205 published by NIST</a></li> <li>XMSS: <a href="https://www.rfc-editor.org/rfc/rfc8391.html">standard from CFRG / IRTF</a></li> <li>LMS/HSS: <a href="https://www.rfc-editor.org/rfc/rfc8554.html">standard from CFRG / IRTF</a></li> </ul> <h3 id="whats-a-key-encapsulation-mechanism"> <a href="#whats-a-key-encapsulation-mechanism" class="anchor-heading" aria-labelledby="whats-a-key-encapsulation-mechanism"><svg viewBox="0 0 16 16" aria-hidden="true"><use xlink:href="#svg-link"></use></svg></a> What’s a key encapsulation mechanism? </h3> <p>A <a href="https://en.wikipedia.org/wiki/Key_encapsulation_mechanism"><strong>key encapsulation mechanism (KEM)</strong></a> is a public key cryptographic scheme that allows two parties to establish a shared secret key using only public communication. The primary security property provided by a KEM is confidentiality.</p> <p>KEMs are closely related to <a href="https://en.wikipedia.org/wiki/Public-key_cryptography">public key encryption</a>, with one major difference: in a public key encryption scheme, the sender can choose a message to transmit confidentially to the receiver, whereas in a KEM, the sender cannot choose the message to be sent, instead the shared secret key that is established by the KEM between the sender and the receiver is random, not controlled by either the sender or the receiver. KEMs can be viewed as a generalization of <a href="https://en.wikipedia.org/wiki/Diffie%E2%80%93Hellman_key_exchange">Diffie–Hellman key exchange</a>.</p> <p>KEMs are often used in secure channel establishment protocols like TLS in order to set up a symmetric encryption key that is subsequently used in a symmetric key encryption scheme like AES to encrypt application data.</p> <h3 id="how-can-i-encrypt-things-using-ml-kem-kyber"> <a href="#how-can-i-encrypt-things-using-ml-kem-kyber" class="anchor-heading" aria-labelledby="how-can-i-encrypt-things-using-ml-kem-kyber"><svg viewBox="0 0 16 16" aria-hidden="true"><use xlink:href="#svg-link"></use></svg></a> How can I encrypt things using ML-KEM (Kyber)? </h3> <p>ML-KEM (Kyber) is a key encapsulation mechanism, not a public key encryption scheme. See the question above to learn about key encapsulation mechanisms and how they differ from public key encryption schemes.</p> <p>It is possible to build a public key encryption scheme by combining a KEM with a symmetric encryption scheme; this is often called the “KEM/DEM approach” or “hybrid public key encryption” (in that phrase, “hybrid” means “hybrid public key / symmetric” rather than “hybrid classical / post-quantum”). One standard for doing this is <a href="https://www.rfc-editor.org/rfc/rfc9180.html">HPKE (RFC 9180)</a>.</p> <h3 id="how-can-i-sign-things-using-a-ml-kem-kyber-certificate"> <a href="#how-can-i-sign-things-using-a-ml-kem-kyber-certificate" class="anchor-heading" aria-labelledby="how-can-i-sign-things-using-a-ml-kem-kyber-certificate"><svg viewBox="0 0 16 16" aria-hidden="true"><use xlink:href="#svg-link"></use></svg></a> How can I sign things using a ML-KEM (Kyber) certificate? </h3> <p>ML-KEM (Kyber) is a key encapsulation mechanism (see the above question to learn more about KEMs), not a digital signature scheme. This means that the security goal of ML-KEM is confidentiality, not authentication. You need to use a digital signature scheme like ML-DSA (Dilithium) in order to digitally sign a message.</p> <h3 id="what-is-oqs"> <a href="#what-is-oqs" class="anchor-heading" aria-labelledby="what-is-oqs"><svg viewBox="0 0 16 16" aria-hidden="true"><use xlink:href="#svg-link"></use></svg></a> What is OQS? </h3> <p>The Open Quantum Safe project is an open-source software project to support the transition post-quantum cryptography. OQS implements a broad set of post-quantum cryptography algorithms, including some algorithms that are in the process of being standardized. Read more about the OQS project on our <a href="/about">about</a> page.</p> <h3 id="is-oqs-safe-to-use"> <a href="#is-oqs-safe-to-use" class="anchor-heading" aria-labelledby="is-oqs-safe-to-use"><svg viewBox="0 0 16 16" aria-hidden="true"><use xlink:href="#svg-link"></use></svg></a> Is OQS safe to use? </h3> <p>OQS began as a research project to enable the prototyping and evaluation of quantum-resistant cryptography. As the field of post-quantum cryptography starts to mature with emerging standards, it is our goal to mature our codebase into a production-track version that is suitable for use in production environments, while also maintaining an experimental-track version of the our suite that continues to support research and development in new post-quantum cryptography algorithms.</p> <p>At present, the post-quantum algorithms in OQS have not been adopted as standards by NIST, and the implementations in OQS have not been subject to external audit. For these two reasons, we recommend extreme caution regarding the use of OQS in production environments at this time. With added support from the <a href="https://pqca.org/">Post-Quantum Cryptography Alliance</a>, we intend to increase our efforts to de-risk such use.</p> <p>Read about the limitations of our software on our <a href="/about">about</a> page.</p> <h3 id="how-can-i-use-post-quantum-cryptography-in-tls--x509--smimecms"> <a href="#how-can-i-use-post-quantum-cryptography-in-tls--x509--smimecms" class="anchor-heading" aria-labelledby="how-can-i-use-post-quantum-cryptography-in-tls--x509--smimecms"><svg viewBox="0 0 16 16" aria-hidden="true"><use xlink:href="#svg-link"></use></svg></a> How can I use post-quantum cryptography in TLS / X.509 / S/MIME/CMS? </h3> <p>The easiest way to get started in experimenting with post-quantum algorithms in network protocols like TLS, X.509, and S/MIME or CMS is to use OpenSSL 3 combined with the <a href="https://github.com/open-quantum-safe/oqs-provider">oqs-provider</a>, which adds support for all the post-quantum algorithms supported by the OQS project into those network protocols in OpenSSL 3-reliant applications.</p> <p>You can also get started with our pre-built Docker images for experiments in many applications in our <a href="https://github.com/open-quantum-safe/oqs-demos/">OQS Demos repository</a>.</p> <h3 id="how-can-i-use-post-quantum-cryptography-in-my-favourite-programming-language"> <a href="#how-can-i-use-post-quantum-cryptography-in-my-favourite-programming-language" class="anchor-heading" aria-labelledby="how-can-i-use-post-quantum-cryptography-in-my-favourite-programming-language"><svg viewBox="0 0 16 16" aria-hidden="true"><use xlink:href="#svg-link"></use></svg></a> How can I use post-quantum cryptography in &lt;my favourite programming language&gt;? </h3> <p>Our <a href="https://github.com/open-quantum-safe/liboqs/">liboqs</a> project is a C language library with support for many post-quantum algorithms. We have thin wrappers that provide bindings for these algorithms in many languages, including <a href="https://github.com/open-quantum-safe/liboqs-cpp/">C++</a>, <a href="https://github.com/open-quantum-safe/liboqs-go">Go</a>, <a href="https://github.com/open-quantum-safe/liboqs-java/">Java</a>, <a href="https://github.com/open-quantum-safe/liboqs-python/">Python</a>, and <a href="https://github.com/open-quantum-safe/liboqs-rust/">Rust</a>. Note that these language wrappers only expose the basic algorithm APIs for directly calling; they do not integrate the PQ algorithms into higher level cryptographic APIs of the language (for example, liboqs-java and liboqs-python lets you directly call the key generation, sign, and verify algorithms of a PQ signature scheme, but does not add support for PQ algorithms to Java or Python’s X.509 layer or TLS layer.)</p> <h3 id="how-can-i-use-post-quantum-cryptography-on-my-website-and-in-my-web-browser"> <a href="#how-can-i-use-post-quantum-cryptography-on-my-website-and-in-my-web-browser" class="anchor-heading" aria-labelledby="how-can-i-use-post-quantum-cryptography-on-my-website-and-in-my-web-browser"><svg viewBox="0 0 16 16" aria-hidden="true"><use xlink:href="#svg-link"></use></svg></a> How can I use post-quantum cryptography on my website and in my web browser? </h3> <p>In our <a href="https://github.com/open-quantum-safe/oqs-demos/">OQS Demos</a>, we provide example Docker images for running web server and web browser demos using post-quantum algorithms implemented by OQS. We also operate a <a href="https://test.openquantumsafe.org/">test web server</a> for testing post-quantum TLS connections.</p> <p>However, post-quantum cryptography has not yet been fully deployed in mainstream web servers and web browsers, but some have started to deploy a selection of algorithms. Google Chrome is <a href="https://blog.chromium.org/2023/08/protecting-chrome-traffic-with-hybrid.html">starting</a> to roll out support for hybrid post-quantum cryptography, so it may be available in some users’ browsers. Most web servers do not yet support post-quantum cryptography, but some big providers and content distribution networks do, such as Cloudflare <a href="https://blog.cloudflare.com/post-quantum-for-all/">1</a>, <a href="https://blog.cloudflare.com/post-quantum-to-origins/">2</a>.</p> <h3 id="how-can-i-get-involved"> <a href="#how-can-i-get-involved" class="anchor-heading" aria-labelledby="how-can-i-get-involved"><svg viewBox="0 0 16 16" aria-hidden="true"><use xlink:href="#svg-link"></use></svg></a> How can I get involved? </h3> <p>All of our development takes place on our <a href="https://github.com/open-quantum-safe/">GitHub repositories</a>. Stop on by, we’d love to hear from you!</p> <h3 id="what-is-the-relationship-between-oqs-and-the-pq-code-package"> <a href="#what-is-the-relationship-between-oqs-and-the-pq-code-package" class="anchor-heading" aria-labelledby="what-is-the-relationship-between-oqs-and-the-pq-code-package"><svg viewBox="0 0 16 16" aria-hidden="true"><use xlink:href="#svg-link"></use></svg></a> What is the relationship between OQS and the PQ Code Package? </h3> <p>The <a href="https://github.com/pq-code-package">PQ Code Package</a> is a newly launched project of the Linux Foundation, and is a sister project to the Open Quantum Safe project. The PQ Code Package project aims to build high-assurance and formally verified software implementations of standards-track post-quantum cryptography algorithms, starting with the ML-KEM (Kyber) algorithm.</p> <p>The PQ Code Package will provide standalone implementations of ML-KEM, intended to be adopted by authors of other cryptographic libraries who need to import source code for ML-KEM into their library. Open Quantum Safe is multi-algorithm suite of post-quantum cryptography, distributed in binary form, with integrations into higher level applications using the <a href="https://github.com/open-quantum-safe/oqs-provider/">OQS OpenSSL 3 provider</a>. As the implementations in the PQ Code Package mature, they will be incorporated into liboqs to provide users of OQS access to high-assurance implementations of these algorithms.</p> <h3 id="what-is-the-relationship-between-the-post-quantum-cryptography-alliance-and-the-post-quantum-cryptography-coalition"> <a href="#what-is-the-relationship-between-the-post-quantum-cryptography-alliance-and-the-post-quantum-cryptography-coalition" class="anchor-heading" aria-labelledby="what-is-the-relationship-between-the-post-quantum-cryptography-alliance-and-the-post-quantum-cryptography-coalition"><svg viewBox="0 0 16 16" aria-hidden="true"><use xlink:href="#svg-link"></use></svg></a> What is the relationship between the Post-Quantum Cryptography Alliance and the Post-Quantum Cryptography Coalition? </h3> <p>In September 2023, MITRE announced the <a href="https://www.mitre.org/news-insights/news-release/post-quantum-cryptography-coalition-launches">Post-Quantum Cryptography Coalition (PQCC)</a>.</p> <p>The PQC Coalition has four main work streams:</p> <ol> <li>Advancing standards relevant to PQC migration,</li> <li>Creating technical materials to support education and workforce development,</li> <li>Producing and verifying open-source, production-quality code, and implementing side-channel resistant code for industry verticals, and</li> <li>Ensuring cryptographic agility.</li> </ol> <p>In February 2024, the Linux Foundation launched the <a href="https://pqca.org/">Post-Quantum Cryptography Alliance (PQCA)</a>, which includes the Open Quantum Safe project. The PQCA is focused primarily on open source software for post-quantum cryptography.</p> <p>Several founding members of the PQC Coalition are also members of the Post-Quantum Cryptography Alliance. We envision a close working relationship between the PQCC’s activities on their workstream #3, and the work of the PQCA. One of the ways we plan to work together on that goal is that the PQCC in workstream 3 will help identify requirements for PQ implementations (e.g., measures of side channel resistance), and then feed that guidance into the open-source software projects in the PQCA which will build open source implementations.</p> </main> <hr> <footer> <p class="text-small text-grey-dk-100 mb-0">Copyright © Open Quantum Safe a Series of LF Projects, LLC.<br>For website terms of use, trademark policy, and other project policies, please see <a href='https://lfprojects.org'>https://lfprojects.org</a>.<br /> This site uses <a href='https://just-the-docs.com/' target='_blank'>Just the Docs</a>, a documentation theme for Jekyll. Background image by <a href='https://commons.wikimedia.org/wiki/File:05_camera_painting_motion_blur_experimental_digital_photography_by_Rick_Doble.jpg'>Rick Doble</a>.</p> </footer> </div> </div> <div class="search-overlay"></div> </div> </body> </html>

Pages: 1 2 3 4 5 6 7 8 9 10