v0.4.0
oqs-provider 0.4.0
About
The Open Quantum Safe (OQS) project has the goal of developing and prototyping quantum-resistant cryptography. More information on OQS can be found on our website: https://openquantumsafe.org/ and on Github at https://github.com/open-quantum-safe/.
oqs-provider is a standalone prototype OpenSSL 3 provider enabling liboqs-based quantum-safe and hybrid key exchange for TLS 1.3, as well as quantum-safe and hybrid X.509 certificate generation, CMS ond dgst operations.
When deployed, the oqs-provider binary (shared library) thus adds support for quantum-safe cryptographic operations to any standard OpenSSL(v3) installation.
In general, the oqs-provider main branch is meant to be useable in conjunction with the main branch of liboqs and the master branch of OpenSSL.
Further details on building, testing and use can be found in README.md. See in particular limitations on intended use.
Release notes
This is version 0.4.0 of oqs-provider.
Security considerations
This release removes Rainbow level 1 and all variants of SIDH and SIKE due to cryptanalytic breaks of those algorithms. Users are advised to move away from use of those algorithms immediately.
What's New
This release continues from the 0.3.0 release of oqs-provider and is fully tested to be used in conjunction with version 0.7.2 of liboqs.
oqs-provider has been integrated as an external test component for OpenSSL3 testing and will thus remain in line with any possibly required provider API enhancements.
Algorithm updates
- Removal of SIKE/SIDH and Rainbow level I due to cryptographic breaks
Functional updates
- Addition of quantum-safe CMS operations via the OpenSSL interface
- Addition of quantum-safe dgst operations via the OpenSSL interface
Misc updates
- Additional testing
- Integration with and of OpenSSL test harness
Full Changelog: 0.3.0...0.4.0.