Skip to content

Latest commit

 

History

History
54 lines (36 loc) · 3.35 KB

RELEASE.md

File metadata and controls

54 lines (36 loc) · 3.35 KB

liboqs version 0.6.0-rc1

About

The Open Quantum Safe (OQS) project has the goal of developing and prototyping quantum-resistant cryptography. More information on OQS can be found on our website: https://openquantumsafe.org/ and on Github at https://github.com/open-quantum-safe/.

liboqs is an open source C library for quantum-resistant cryptographic algorithms. Details about liboqs can be found in README.md. See in particular limitations on intended use.

liboqs can be used with the following Open Quantum Safe application integrations:

  • OQS-OpenSSL 1.1.1: A prototype integration of liboqs-based authentication and key exchange into TLS 1.3 in our fork of OpenSSL 1.1.1; see the OQS-OpenSSL-1_1_1-stable branch of our OpenSSL fork's repository.
  • oqs-provider: A standalone prototype of liboqs-based key exchange for TLS 1.3 using the OpenSSL 3 (alpha) provider integration mechanism.
  • OQS-BoringSSL: A prototype integration of liboqs-based authentication and key exchange into TLS 1.3 in our fork of BoringSSL; see https://github.com/open-quantum-safe/boringssl.

Several demos are available for using the above libraries in applications, including Apache, Chromium, curl, haproxy, and nginx. Performance of liboqs in several settings is measured at https://openquantumsafe.org/benchmarking/.

liboqs can also be used in the following programming languages via language-specific wrappers:

Release notes

This is release candidate 1 for version 0.6.0 of liboqs. It was released on April 25, 2021.

What's New

This release continues from the 0.5.0 release of liboqs.

Key encapsulation mechanisms

  • Update Classic McEliece implementation

Digital signature schemes

  • Update SPHINCS+ to Round 3 version

Other changes

  • Improve random number generator when not relying on OpenSSL
  • Improve run-time and compile-time guarding of optimized code
  • Remove (unused) AES decryption code from common symmetric encryption code
  • Replace AES plain C implementation with a constant-time version
  • Update Windows cross-compiling toolchain
  • Build options changed:
    • By default, liboqs is now no longer built by default with CPU runtime feature detection and thus resulting executables may crash if not compiled suitably for the CPU on which the code shall be executed. For Docker files, we recommend setting OQS_DIST_BUILD to obtain code able to handle different CPU feature sets. Also, OQS_OPT_TARGET can be used to target a specific CPU at compile time. These flags are documented on the build options wiki page.