Releases: open-quantum-safe/liboqs
liboqs version 0.14.0
About
The Open Quantum Safe (OQS) project has the goal of developing and prototyping quantum-resistant cryptography. More information on OQS can be found on our website: https://openquantumsafe.org/ and on Github at https://github.com/open-quantum-safe/.
liboqs is an open source C library for quantum-resistant cryptographic algorithms. Details about liboqs can be found in README.md. See in particular limitations on intended use.
liboqs can be used with the following Open Quantum Safe application integrations:
- oqs-provider: A standalone prototype OpenSSL 3 provider enabling liboqs-based quantum-safe and hybrid key authentication and exchange for TLS 1.3, X.509 certificate generation and CMS operations.
- OQS-BoringSSL: A prototype integration of liboqs-based authentication and key exchange into TLS 1.3 in our fork of BoringSSL; see https://github.com/open-quantum-safe/boringssl.
- OQS-OpenSSH: A prototype integration of liboqs-based authentication and key exchange into Secure Shell (SSH) version 2 in our fork of OpenSSH; see https://github.com/open-quantum-safe/openssh.
Several demos are available for using the above libraries in applications, including Apache, Chromium, curl, haproxy, nginx, and Wireshark.
liboqs can also be used in the following programming languages via language-specific wrappers:
- C++, via https://github.com/open-quantum-safe/liboqs-cpp
- Go, via https://github.com/open-quantum-safe/liboqs-go
- Java, via https://github.com/open-quantum-safe/liboqs-java
- Python 3, via https://github.com/open-quantum-safe/liboqs-python
- Rust, via https://github.com/open-quantum-safe/liboqs-rust
Release notes
This is version 0.14.0 of liboqs. It was released on July 10, 2025.
This release contains a security fix for secret-dependent branching in HQC. It introduces support for SNOVA, a NIST Additional Signatures Round 2 candidate, and a new optimized implementation of SHA3 using AVX-512VL instructions. Additionally, this is the first liboqs release to include the stable 1.0.0 version of PQ Code Package's mlkem-native.
This release also introduces a number of improvements to testing and infrastructure. The OQS project is now publishing benchmarking data on https://openquantumsafe.org/benchmarking and code coverage data on https://coveralls.io/github/open-quantum-safe/liboqs.
Deprecation notice
This will be the last release of liboqs to include Dilithium (that is, the NIST Round 3 version of Dilithium, prior to its standardization by NIST as ML-DSA in FIPS 204). Applications should switch to ML-DSA (FIPS 204). Please contact us if you have any concerns.
Security issues
- CVE-2025-52473: Disabled compiler optimizations for HQC to avoid secret-dependent branches. Thank you to Zhenzhi Lai and Zhiyuan Zhang from the University of Melbourne and the Max Planck Institute for Security and Privacy for identifying the issue.
What's New
This release continues from the 0.13.0 release of liboqs.
Key encapsulation mechanisms
- HQC: Disabled compiler optimizations to avoid secret-dependent branching in certain configurations. HQC remains disabled by default.
- ML-KEM: Updated the default ML-KEM implementation to PQCP's mlkem-native v1.0.0.
Digital signature schemes
- New API: added an API function to check if a signature scheme supports signing with a context string.
- SNOVA: added SNOVA from NIST Additional Signature Schemes Round 2.
Other changes
- Added an AVX512VL-optimized backend for SHA3.
- Improved memory management throughout the codebase.
Detailed changelog
What's Changed
- Switch to dev mode after 0.13.0 release by @praveksharma in #2125
- Restrict -Wno-maybe-uninitialized to GCC and fix stack size typo by @alraddady in #2111
- Promote @SWilson4 from Committer to Maintainer [skip ci] by @SWilson4 in #2120
- Update Nix flake inputs by @aidenfoxivey in #2126
- Change cuPQC upstream repo by @praveksharma in #2115
- Integrate SNOVA into liboqs by @vacuas in #2109
- Update ACVP vectors to latest release by @abhinav-thales in #2131
- Add a function to check if context string is supported by @M-AlNoaimi in #2142
- Skip failing CI test by @dstebila in #2157
- Use OQS_MEM_cleanse() instead of memset() by @Hussain1811 in #2158
- Check for NULL dereference before using secure free by @Hussain1811 in #2151
- Update mlkem-native to v1.0.0 by @mkannwischer in #2146
- test: Use secure free for freeing secret key objects by @Hussain1811 in #2149
- tests: Remove unused variables by @Hussain1811 in #2152
- Wycheproof by @h2parson in #2145
- tests: Check OQS_STATUS of RNG and fstore functions by @Hussain1811 in #2153
- Adjust constant-time test exception for mlkem-native by @mkannwischer in #2162
- Continuous Benchmarking using Github Actions by @pablo-gf in #2134
- test: Add basic kem fuzz testing by @nathaniel-brough in #2133
- Increase alert threshold for continuous benchmarking by @pablo-gf in #2166
- Benchmarking comments only on alerts by @dstebila in #2168
- Adding code coverage by @aidenfoxivey in #2148
- Add AVX512VL-Optimized SHA3/SHAKE Implementations by @mdcornu in #2167
- Zeroize memory in SHA3 implementation by @aidenfoxivey in #2171
- Disable compiler optimizations for HQC by @SWilson4 in 4215362
- liboqs 0.14.0 release candidate 1 by @SWilson4 in #2180
- Document public / internal API split [skip ci] by @SWilson4 in #2182
New Contributors
- @alraddady made their first contribution in #2111
- @vacuas made their first contribution in #2109
- @M-AlNoaimi made their first contribution in #2142
- @Hussain1811 made their first contribution in #2158
- @h2parson made their first contribution in #2145
- @mdcornu made their first contribution in #2167
Full Changelog: 0.13.0...0.14.0
liboqs version 0.14.0-rc1
Release notes
This is release candidate 1 for version 0.14.0 of liboqs. It was released on June 25, 2025.
This release contains a security fix for secret-dependent branching in HQC. It introduces support for SNOVA, a NIST Additional Signatures Round 2 candidate, and a new optimized implementation of SHA3 using AVX-512VL instructions. Additionally, this is the first liboqs release to include the stable 1.0.0 version of PQ Code Package's mlkem-native.
This release also introduces a number of improvements to testing and infrastructure. The OQS project is now publishing benchmarking data on https://openquantumsafe.org/benchmarking and code coverage data on https://coveralls.io/github/open-quantum-safe/liboqs.
Deprecation notice
This will be the last release of liboqs to include Dilithium (that is, the NIST Round 3 version of Dilithium, prior to its standardization by NIST as ML-DSA in FIPS 204). Applications should switch to ML-DSA (FIPS 204). Please contact us if you have any concerns.
Security issues
- CVE-2025-52473: Disabled compiler optimizations for HQC to avoid secret-dependent branches. Thank you to Zhenzhi Lai and Zhiyuan Zhang from the University of Melbourne and the Max Planck Institute for Security and Privacy for identifying the issue.
What's New
This release continues from the 0.13.0 release of liboqs.
Key encapsulation mechanisms
- HQC: Disabled compiler optimizations to avoid secret-dependent branching in certain configurations. HQC remains disabled by default.
- ML-KEM: Updated the default ML-KEM implementation to PQCP's mlkem-native v1.0.0.
Digital signature schemes
- New API: added an API function to check if a signature scheme supports signing with a context string.
- SNOVA: added SNOVA from NIST Additional Signature Schemes Round 2.
Other changes
- Added an AVX512VL-optimized backend for SHA3.
- Improved memory management throughout the codebase.
What's Changed
- Switch to dev mode after 0.13.0 release by @praveksharma in #2125
- Restrict -Wno-maybe-uninitialized to GCC and fix stack size typo by @alraddady in #2111
- Promote @SWilson4 from Committer to Maintainer [skip ci] by @SWilson4 in #2120
- Update Nix flake inputs by @aidenfoxivey in #2126
- Change cuPQC upstream repo by @praveksharma in #2115
- Integrate SNOVA into liboqs by @vacuas in #2109
- Update ACVP vectors to latest release by @abhinav-thales in #2131
- Add a function to check if context string is supported by @M-AlNoaimi in #2142
- Skip failing CI test by @dstebila in #2157
- Use OQS_MEM_cleanse() instead of memset() by @Hussain1811 in #2158
- Check for NULL dereference before using secure free by @Hussain1811 in #2151
- Update mlkem-native to v1.0.0 by @mkannwischer in #2146
- test: Use secure free for freeing secret key objects by @Hussain1811 in #2149
- tests: Remove unused variables by @Hussain1811 in #2152
- Wycheproof by @h2parson in #2145
- tests: Check OQS_STATUS of RNG and fstore functions by @Hussain1811 in #2153
- Adjust constant-time test exception for mlkem-native by @mkannwischer in #2162
- Continuous Benchmarking using Github Actions by @pablo-gf in #2134
- test: Add basic kem fuzz testing by @nathaniel-brough in #2133
- Increase alert threshold for continuous benchmarking by @pablo-gf in #2166
- Benchmarking comments only on alerts by @dstebila in #2168
- Adding code coverage by @aidenfoxivey in #2148
- Add AVX512VL-Optimized SHA3/SHAKE Implementations by @mdcornu in #2167
- Zeroize memory in SHA3 implementation by @aidenfoxivey in #2171
- Disable compiler optimizations for HQC by @SWilson4 in 4215362
New Contributors
- @alraddady made their first contribution in #2111
- @vacuas made their first contribution in #2109
- @M-AlNoaimi made their first contribution in #2142
- @Hussain1811 made their first contribution in #2158
- @h2parson made their first contribution in #2145
- @mdcornu made their first contribution in #2167
Full Changelog: 0.13.0...0.14.0-rc1
liboqs version 0.13.0
Release notes
This is version 0.13.0 of liboqs. It was released on April 16, 2025.
This release improves support for NIST Additional Signatures Round 2 candidates: CROSS and MAYO implementations are updated and support is added for UOV. This release also adds a new KEM API for deterministic key generation (only supported by ML-KEM at the moment). Finally, this release adds support for ML-KEM implementations from 2 new sources: formally verified portable C, AVX2, and AArch64 implementations from PQCP's mlkem-native and a GPU accelerated CUDA implementation from Nvidia cuPQC.
OQS is running a survey to better understand our community. We would like to hear from organizations and individuals about their interest in and use of the Open Quantum Safe project. Please take a few minutes to fill out the survey: https://linuxfoundation.surveymonkey.com/r/oqssurvey
What's New
This release continues from the 0.12.0 release of liboqs.
Key encapsulation mechanisms
- New API: Added a deterministic key generation API for KEMs (only ML-KEM supported at the moment).
- ML-KEM: Changed the default ML-KEM implementation to PQCP's mlkem-native. There are three variants: Portable C, AVX2, and AArch64. Large parts of these implementations are formally verified: all of the C code is verified for memory and type safety using CBMC and the functional correctness of the core AArch64 assembly routines is verified using HOL-Light.
- ML-KEM: Added support for the ML-KEM implementation from Nvidia cuPQC, a GPU accelerated cryptography library.
- ML-KEM: Implementation from mlkem-native upstream updated to add Pair-wise Consistency Test (PCT) and Intel CET support.
- ML-KEM: Improved testing of ML-KEM keys.
- HQC: Disabled HQC by default until a new security flaw is fixed.
Digital signature schemes
- ML-DSA: Improved testing for ML-DSA.
- CROSS: Updated to NIST Additional Signatures Round 2 version.
- MAYO: Updated to NIST Additional Signatures Round 2 version.
- UOV: Added support for UOV algorithm from NIST Additional Signatures Round 2.
Other changes
- Added support for loongarch64 architecture.
Detailed changelog
What's Changed
- Bump version to 0.12.1-dev by @dstebila in #2015
- Add loongarch64 support by @zhaixiaojuan in #2010
- Minor changes to ML_DSA ACVP tests by @abhinav-thales in #2007
- Update upload-artifact action to v4 by @dstebila in #2017
- Remove hardcoded build paths & modify basic workflow to build in random path by @iyanmv in #2019
- Trigger liboqs-java and liboqs-rust downstream CI by @SWilson4 in #2021
- #1830 update scorecard to v5 (gh action 2.4.0) by @planetf1 in #1890
- Update PQClean commit and delete patch for HQC by @SWilson4 in #2026
- Bump jinja2 from 3.1.4 to 3.1.5 in /scripts/copy_from_upstream in the pip group by @dependabot in #2036
- Avoid unresolved symbols from libcrypto when compiled with OQS_DLOPEN_OPENSSL by @ueno in #2043
- Update to public Ubuntu 24.04 ARM runner by @SWilson4 in #2050
- NVIDIA: Adding cuPQC as a backend for ML-KEM. by @stevenireeves in #2044
- Update ACVP vectors for KEM and DSA by @abhinav-thales in #2051
- CI: Check unresolved symbols when compiled with OQS_DLOPEN_OPENSSL by @ueno in #2058
- Fix failing zephyr CI workflows, pinning v0.27.4 by @bhess in #2063
- Update sig_stfl Doxygen documentation by @pablo-gf in #2059
- Import ML-KEM from mlkem-native/PQ code package by @bhess in #2041
- Update example files by @SWilson4 in #2071
- GitHub runner updates by @SWilson4 in #2069
- Disable cupqc-buildcheck by @praveksharma in #2075
- Add threat model by @dstebila in #2033
- Update CROSS to version 2.0 by @rtjk in #2078
- improving CONTRIBUTING.md for maintainability [skip ci] by @baentsch in #2081
- Ensure that building against liboqs build directory works by @levitte in #2086
- Added alg_version details to test output by @pablo-gf in #2080
- Add checks for ML-KEM keys by @abhinav-thales in #2009
- Update actions/cache to v4.2.2 by @mkannwischer in #2093
- Add Nix flake by @aidenfoxivey in #1970
- Update MAYO to NIST round 2 by @bhess in #2095
- Update mlkem-native to v1.0.0-beta by @mkannwischer in #2092
- Add references to security response process by @SWilson4 in #2077
- Bump version to 0.13.0-dev [skip ci] by @SWilson4 in #2099
- Add UOV by @mkannwischer in #2094
- Add bitflip test for trivial SUF-CMA forgeries by @rtjk in #2090
- Update MAYO version in algorithm datasheet by @bhess in #2103
- Add DeriveKeyPair API by @SWilson4 in #2070
- Update nist-round in UOV and MAYO data sheet by @bhess in #2105
- build: search unistd.h separately from sys/random.h for getentropy by @mkroening in #2104
- Add support caveat by @SWilson4 in #2114
- Temporarily disable HQC by @dstebila in #2122
- Fix PR workflow runs by @SWilson4 in #2123
New Contributors
- @zhaixiaojuan made their first contribution in #2010
- @stevenireeves made their first contribution in #2044
- @pablo-gf made their first contribution in #2059
- @levitte made their first contribution in #2086
- @mkannwischer made their first contribution in #2093
- @mkroening made their first contribution in #2104
Full Changelog: 0.12.0...0.13.0
liboqs version 0.13.0-rc1
Release notes
This is version 0.13.0-rc1 of liboqs. It was released on March 19, 2025.
This release improves support for NIST Additional Signatures Round 2 candidates: CROSS and MAYO implementations are updated and support is added for UOV. This release also adds a new KEM API for deterministic key generation (only supported by ML-KEM at the moment). Finally, this release adds support for ML-KEM implementations from 2 new sources: formally verified portable C, AVX2, and AArch64 implementations from PQCP's mlkem-native and a GPU accelerated CUDA implementation from Nvidia cuPQC.
What's New
This release continues from the 0.12.0 release of liboqs.
Key encapsulation mechanisms
- New API: Added a deterministic key generation API for KEMs (only ML-KEM supported at the moment).
- ML-KEM: Changed the default ML-KEM implementation to PQCP's mlkem-native. There are three variants: Portable C, AVX2, and AArch64. Large parts of these implementations are formally verified: all of the C code is verified for memory and type safety using CBMC and the functional correctness of the core AArch64 assembly routines is verified using HOL-Light.
- ML-KEM: Added support for the ML-KEM implementation from Nvidia cuPQC, a GPU accelerated cryptography library.
- ML-KEM: Implementation from mlkem-native upstream updated to add Pair-wise Consistency Test (PCT) and Intel CET support.
- ML-KEM: Improved testing of ML-KEM keys.
Digital signature schemes
- ML-DSA: Improved testing for ML-DSA.
- CROSS: Updated to NIST Additional Signatures Round 2 version.
- MAYO: Updated to NIST Additional Signatures Round 2 version.
- UOV: Added support for UOV algorithm from NIST Additional Signatures Round 2.
Other changes
- Added support for loongarch64 architecture.
Detailed changelog
What's Changed
- Bump version to 0.12.1-dev by @dstebila in #2015
- Add loongarch64 support by @zhaixiaojuan in #2010
- Minor changes to ML_DSA ACVP tests by @abhinav-thales in #2007
- Update upload-artifact action to v4 by @dstebila in #2017
- Remove hardcoded build paths & modify basic workflow to build in random path by @iyanmv in #2019
- Trigger liboqs-java and liboqs-rust downstream CI by @SWilson4 in #2021
- #1830 update scorecard to v5 (gh action 2.4.0) by @planetf1 in #1890
- Update PQClean commit and delete patch for HQC by @SWilson4 in #2026
- Bump jinja2 from 3.1.4 to 3.1.5 in /scripts/copy_from_upstream in the pip group by @dependabot in #2036
- Avoid unresolved symbols from libcrypto when compiled with OQS_DLOPEN_OPENSSL by @ueno in #2043
- Update to public Ubuntu 24.04 ARM runner by @SWilson4 in #2050
- NVIDIA: Adding cuPQC as a backend for ML-KEM. by @stevenireeves in #2044
- Update ACVP vectors for KEM and DSA by @abhinav-thales in #2051
- CI: Check unresolved symbols when compiled with OQS_DLOPEN_OPENSSL by @ueno in #2058
- Fix failing zephyr CI workflows, pinning v0.27.4 by @bhess in #2063
- Update sig_stfl Doxygen documentation by @pablo-gf in #2059
- Import ML-KEM from mlkem-native/PQ code package by @bhess in #2041
- Update example files by @SWilson4 in #2071
- GitHub runner updates by @SWilson4 in #2069
- Disable cupqc-buildcheck by @praveksharma in #2075
- Add threat model by @dstebila in #2033
- Update CROSS to version 2.0 by @rtjk in #2078
- improving CONTRIBUTING.md for maintainability [skip ci] by @baentsch in #2081
- Ensure that building against liboqs build directory works by @levitte in #2086
- Added alg_version details to test output by @pablo-gf in #2080
- Add checks for ML-KEM keys by @abhinav-thales in #2009
- Update actions/cache to v4.2.2 by @mkannwischer in #2093
- Add Nix flake by @aidenfoxivey in #1970
- Update MAYO to NIST round 2 by @bhess in #2095
- Update mlkem-native to v1.0.0-beta by @mkannwischer in #2092
- Add references to security response process by @SWilson4 in #2077
- Bump version to 0.13.0-dev [skip ci] by @SWilson4 in #2099
- Add UOV by @mkannwischer in #2094
- Add bitflip test for trivial SUF-CMA forgeries by @rtjk in #2090
- Update MAYO version in algorithm datasheet by @bhess in #2103
- Add DeriveKeyPair API by @SWilson4 in #2070
- Update nist-round in UOV and MAYO data sheet by @bhess in #2105
- build: search unistd.h separately from sys/random.h for getentropy by @mkroening in #2104
New Contributors
- @zhaixiaojuan made their first contribution in #2010
- @stevenireeves made their first contribution in #2044
- @pablo-gf made their first contribution in #2059
- @levitte made their first contribution in #2086
- @mkannwischer made their first contribution in #2093
- @mkroening made their first contribution in #2104
Full Changelog: 0.12.0...0.13.0-rc1
liboqs version 0.12.0
Release notes
This is version 0.12.0 of liboqs. It was released on December 9, 2024.
This release updates the ML-DSA implementation to the final FIPS 204 version. This release still includes the NIST Round 3 version of Dilithium for interoperability purposes, but we plan to remove Dilithium Round 3 in a future release.
Deprecation notice
This will be the last release of liboqs to include Kyber (that is, the NIST Round 3 version of Kyber, prior to its standardization by NIST as ML-KEM in FIPS 203). Applications should switch to ML-KEM (FIPS 203).
The addition of ML-DSA FIPS 204 final version to liboqs has introduced a new signature API which includes a context string parameter. We are planning to remove the old version of the API without a context string in the next release to streamline the API and bring it in line with NIST specifications. Users who have an opinion on this removal are invited to provide input at #2001.
Security issues
- CVE-2024-54137: Fixed bug in HQC decapsulation that leads to incorrect shared secret value during decapsulation when called with an invalid ciphertext. Thank you to Célian Glénaz and Dahmun Goudarzi from Quarkslab for identifying the issue.
What's New
This release continues from the 0.11.0 release of liboqs.
Key encapsulation mechanisms
- HQC: Fixed bug in decapsulation that leads to incorrect shared secret value during decapsulation when called with an invalid ciphertext. Thank you to Célian Glénaz and Dahmun Goudarzi from Quarkslab for identifying the issue.
- Kyber: This is the last release of liboqs to include Kyber.
- ML-KEM: Improved testing of ML-KEM.
Digital signature schemes
- LMS: Fixed crashing bug.
- ML-DSA: Removed FIPS 204-ipd (initial public draft) and replaced it with FIPS 204 final version.
- Added new API for digital signatures with context strings; see #2001 for plan to remove old API without context string.
- Added fuzzing tests for signature schemes.
- Added benchmarking for stateful hash-based signature schemes.
Other changes
- Updated CBOM format to version 1.6.
- Added a function OQS_thread_stop to be called by multi-threaded applications to properly deallocate resources in a threaded execution.
- Added preprocessor macros conveying liboqs version information.
Detailed changelog
What's Changed
- 0.11.0 release by @praveksharma in #1939
- Bump version to 0.11.1-dev by @SWilson4 in #1940
- Remove hardcoded build patch from test script by @iyanmv in #1938
- Don't include dlfcn.h for Windows by @steenrasmussen in #1936
- Update CBOM format to upstream v1.6 by @bhess in #1834
- Downgrade zephyr container to v0.26.14 to avoid build failures by @bhess in #1949
- Fix for Zephyr CI by @Frauschi in #1953
- Add a basic fuzz testing harness for Dilithium2 by @nathaniel-brough in #1905
- [#1823] replace malloc/calloc/strdup/free with openssl allocator by @songlingatpan in #1926
- Add benchmarking for stateful hash based schemes: speed_sig_stfl by @cr-marcstevens in #1952
- Update CODEOWNERS by @dstebila in #1943
- Add new API to cleanup OpenSSL threads. by @ashman-p in #1959
- Adapt existing sig fuzz harness including more algorithms by @nathaniel-brough in #1955
- add C++ linking test by @aidenfoxivey in #1971
- Make random/functions deterministic during fuzzing by @nathaniel-brough in #1974
- Remove SPHINCS+ aarch64 code by @SWilson4 in #1972
- Remove macos-12 runner due to GitHub deprecation. by @SWilson4 in #1977
- Revert "Disable erroring TravisCI build" by @bhess in #1960
- imported fix from CROSS upstream: endianness-aware csprng by @rtjk in #1983
- chore: Add CI badges to README.md by @ChinoUkaegbu in #1987
- Update PLATFORMS.md / re-enable CROSS on s390x by @SWilson4 in #1988
- Avoid OpenSSL functions are unconditionally called at OQS_destroy by @ueno in #1982
- Test Improvements for ML-KEM by @abhinav-thales in #1947
- Add patch to fix HQC decapsulation in 95f904b
- Run copy_from_upstream.py in cce1bfd
- Fix LMS crash by @ashman-p in #1998
- Set ML-KEM alg_version to "FIPS203" by @SWilson4 in #1997
- Add ML-DSA / FIPS 204 final by @bhess in #1919
- Add defines for OQS version components by @dstebila in #2000
- Create liboqs 0.12.0 release candidate 1 by @dstebila in #2006
New Contributors
- @steenrasmussen made their first contribution in #1936
- @nathaniel-brough made their first contribution in #1905
- @songlingatpan made their first contribution in #1926
- @cr-marcstevens made their first contribution in #1952
- @aidenfoxivey made their first contribution in #1971
- @ChinoUkaegbu made their first contribution in #1987
- @abhinav-thales made their first contribution in #1947
Full Changelog: 0.11.0...0.12.0
liboqs version 0.11.0
Release notes
This is version 0.11.0 of liboqs. It was released on September 26, 2024.
This release updates ML-KEM implementations to their final FIPS 203 versions. This release still includes the NIST Round 3 version of Kyber for interoperability purposes, but we plan to remove Kyber Round 3 in a future release. Additionally, this release adds support for MAYO and CROSS digital signature schemes from NIST Additional Signatures Round 1 along with stateful hash-based signature schemes XMSS and LMS. Finally, this release provides formally verified implementations of Kyber-512 and Kyber-768 from libjade.
LMS and XMSS are disabled by default due to the security risks associated with their use in software. See the note on stateful hash-based signatures in CONFIGURE.md.
What's New
This release continues from the 0.10.1 release of liboqs.
Key encapsulation mechanisms
- Kyber: Added formally-verified portable C and AVX2 implementations of Kyber-512 and Kyber-768 from libjade.
- ML-KEM: Updated portable C and AVX2 implementations of ML-KEM-512, ML-KEM-768, and ML-KEM-1024 to the final FIPS 203 version.
- Kyber: Patched ARM64 implementations of Kyber-512, Kyber-768, and Kyber-1024 to work with AddressSanitizer.
Digital signature schemes
- LMS/XMSS: Added implementations of stateful hash-based signature schemes: XMSS and LMS.
- MAYO: Added portable C and AVX2 implementations of MAYO signature scheme from NIST Additional Signatures Round 1.
- CROSS: Added portable C and AVX2 implementations of CROSS signature scheme from NIST Additional Signatures Round 1.
Other changes
- Added callback API to use custom implementations of AES, SHA2, and SHA3.
- Refactor SHA3 implementation to use OpenSSL's EVP_DigestSqueeze() API.
Detailed changelog
- [NFCI] Move Keccak rhotates tables to rodata by @aaupov in #1739
- Document Fix by @pi-314159 in #1735
- Add option to dynamically load libcrypto.so.* by @ueno in #1603
- Allow windows linking of test programs by @matlimatli in #1751
- Refactor OpenSSL Implementation of SHA3 SHAKE to use new Squeeze API by @Eddy-M-K in #1694
- remove "maximum" words for most length fields by @wangweij in #1747
- add compile_commands.json to .gitignore by @carsonRadtke in #1754
- Fix linking of test programs on msys by @d0p1s4m4 in #1758
- restrict Windows platform support documentation [skip ci] by @baentsch in #1762
- Add workflow dispatch to action by @ryjones in #1778
- Bump jinja2 from 3.1.3 to 3.1.4 in /scripts/copy_from_upstream by @dependabot in #1782
- Algorithm selection clarification by @beldmit in #1784
- Use OPENSSL_cleanse if OpenSSL is used by @bencemali in #1773
- Errors not printed out when OPENSSL_NO_STDIO is set by @bencemali in #1774
- Add Stateful Signature (XMSS and LMS) by @ashman-p in #1650
- Forward-declare OQS_SIG in sig_stfl.h by @SWilson4 in #1820
- Move Linux ARM64 "build" test from CircleCI to GitHub Actions by @SWilson4 in #1814
- Fix test_alg_info.py on Windows platform by @qnfm in #1821
- Increment version string to 0.10.2-dev by @SWilson4 in #1813
- Add XMSS-SHA256_{10, 16, 20}_192 parameters by @cothan in #1817
- Add XMSS-SHAKE256_{10, 16, 20}_192 parameters by @cothan in #1818
- Add XMSS-SHAKE256_{10, 16, 20}_256 parameters by @cothan in #1819
- Create scorecard.yml (OpenSSF) by @planetf1 in #1708
- Expose callback API for replacing low-level cryptographic primitives by @ueno in #1832
- Add MAYO signature scheme from NIST onramp by @bhess in #1707
- Bump zipp from 3.4.0 to 3.19.1 in /scripts/copy_from_upstream in the pip group by @dependabot in #1836
- Update and fix CI status badges by @anvega in #1844
- Use "cmake -LA -N" instead of "cmake -LA" in CI by @SWilson4 in #1848
- Fix passes.json entries for MAYO by @bhess in #1852
- ML-KEM NIST tests, fix order of d and z by @bhess in #1854
- Move from CircleCI to GitHub Actions by @SWilson4 in #1849
- Add a convenience script for consistent astyle formatting by @SWilson4 in #1861
- Quick fixes from Trail of Bits audit Week 1 by @SWilson4 in #1869
- Check return value of fscanf in LMS/XMSS KAT tests by @SWilson4 in #1874
- Fix downstream CI trigger by @SWilson4 in #1857
- Don't hardcode OPENSSL_ROOT_DIR to /usr on Linux by @SWilson4 in #1873
- Fix overflow in stateful sigs tests by @SWilson4 in #1887
- Integrate Kyber from libjade by @praveksharma in #1745
- Use explicit_memset if available. NetBSD has support for it: by @loganaden in #1872
- Disable erroring TravisCI build by @bhess in #1901
- Update OpenSSH downstream branch to OQS-v9 by @SWilson4 in #1898
- Fix incorrect formatting in unix.yml by @praveksharma in #1902
- CMakeLists: add ppc case to known archs by @barracuda156 in #1816
- Remove old ad hoc CI for Apple M1 by @dstebila in #1907
- Add ML-KEM / FIPS203 final by @bhess in #1899
- Update checkout action in weekly.yml by @praveksharma in #1908
- Add CROSS by @rtjk in #1881
- Refactor liboqs CI and update Ubuntu images by @SWilson4 in #1909
- Check workflows for issues during CI by @jplomas in #1916
- Patch Kyber to...
0.10.1
liboqs version 0.10.1
About
The Open Quantum Safe (OQS) project has the goal of developing and prototyping quantum-resistant cryptography. More information on OQS can be found on our website: https://openquantumsafe.org/ and on Github at https://github.com/open-quantum-safe/.
liboqs is an open source C library for quantum-resistant cryptographic algorithms. Details about liboqs can be found in README.md. See in particular limitations on intended use.
liboqs can be used with the following Open Quantum Safe application integrations:
- oqs-provider: A standalone prototype OpenSSL 3 provider enabling liboqs-based quantum-safe and hybrid key authentication and exchange for TLS 1.3, X.509 certificate generation and CMS operations.
- OQS-BoringSSL: A prototype integration of liboqs-based authentication and key exchange into TLS 1.3 in our fork of BoringSSL; see https://github.com/open-quantum-safe/boringssl.
- OQS-OpenSSH: A prototype integration of liboqs-based authentication and key exchange into Secure Shell (SSH) version 2 in our fork of OpenSSH; see https://github.com/open-quantum-safe/openssh.
Several demos are available for using the above libraries in applications, including Apache, Chromium, curl, haproxy, nginx, and Wireshark. Performance of liboqs in several settings is measured at https://openquantumsafe.org/benchmarking/.
liboqs can also be used in the following programming languages via language-specific wrappers:
- C++, via https://github.com/open-quantum-safe/liboqs-cpp
- Go, via https://github.com/open-quantum-safe/liboqs-go
- Java, via https://github.com/open-quantum-safe/liboqs-java
- .NET, via https://github.com/open-quantum-safe/liboqs-dotnet
- Python 3, via https://github.com/open-quantum-safe/liboqs-python
- Rust, via https://github.com/open-quantum-safe/liboqs-rust
Release notes
This is version 0.10.1 of liboqs. It was released on June 7, 2024.
This release is a security release which fixes potential non-constant-time behaviour in ML-KEM and Kyber based on pq-crystals/kyber@0264efa and pq-crystals/kyber@9b8d306. It also includes a fix for incorrectly named macros in the ML-DSA implementation.
What's New
This release continues from the 0.10.0 release of liboqs.
Key encapsulation mechanisms
- Kyber: portable C implementation updated
- ML-KEM: portable C implementation updated
Digital signature schemes
- ML-DSA: incorrectly named macros renamed
Detailed changelog
- switching to dev mode again by @baentsch in #1743
- Update README.md by @vsoftco in #1769
- Fix README.md to work with Doxygen release 1.10.0 by @praveksharma in #1775
- Fix for incorrect macros in signatures. by @bhess in #1799
- Pull Kyber/ML-KEM CT-Fix from upstream by @bhess
- Force gcc 13.2.0 over 13.3.0 by @planetf1 in #1805
Full Changelog: 0.10.0...0.10.1
0.10.0
liboqs version 0.10.0
About
The Open Quantum Safe (OQS) project has the goal of developing and prototyping quantum-resistant cryptography. More information on OQS can be found on our website: https://openquantumsafe.org/ and on Github at https://github.com/open-quantum-safe/.
liboqs is an open source C library for quantum-resistant cryptographic algorithms. Details about liboqs can be found in README.md. See in particular limitations on intended use.
liboqs can be used with the following Open Quantum Safe application integrations:
- oqs-provider: A standalone prototype OpenSSL 3 provider enabling liboqs-based quantum-safe and hybrid key authentication and exchange for TLS 1.3, X.509 certificate generation and CMS operations.
- OQS-BoringSSL: A prototype integration of liboqs-based authentication and key exchange into TLS 1.3 in our fork of BoringSSL; see https://github.com/open-quantum-safe/boringssl.
- OQS-OpenSSH: A prototype integration of liboqs-based authentication and key exchange into Secure Shell (SSH) version 2 in our fork of OpenSSH; see https://github.com/open-quantum-safe/openssh.
Several demos are available for using the above libraries in applications, including Apache, Chromium, curl, haproxy, nginx, and Wireshark. Performance of liboqs in several settings is measured at https://openquantumsafe.org/benchmarking/.
liboqs can also be used in the following programming languages via language-specific wrappers:
- C++, via https://github.com/open-quantum-safe/liboqs-cpp
- Go, via https://github.com/open-quantum-safe/liboqs-go
- Java, via https://github.com/open-quantum-safe/liboqs-java
- .NET, via https://github.com/open-quantum-safe/liboqs-dotnet
- Python 3, via https://github.com/open-quantum-safe/liboqs-python
- Rust, via https://github.com/open-quantum-safe/liboqs-rust
Release notes
This is version 0.10.0 of liboqs. It was released on March 20, 2024.
This release adds support for ML-KEM (previously known as CRYSTALS-Kyber) and ML-DSA (previously known as CRYSTALS-Dilithium), based on the initial public drafts of FIPS 203 and FIPS 204, respectively. OQS continues to support the NIST Round 3 versions of Kyber and Dilithium for interoperability purposes. This release additionally updates HQC to the NIST Round 4 version and adds support for fixed-length Falcon signatures.
What's New
This release continues from the 0.9.2 release of liboqs.
Key encapsulation mechanisms
- BIKE: Updated portable C implementation to include constant-time fixes from upstream.
- HQC: Updated to NIST Round 4 version.
- ML-KEM: Added portable C and AVX2 implementations of Initial Public Draft (IPD) versions of ML-KEM-512, ML-KEM-768, and ML-KEM-1024.
Digital signature schemes
- Falcon: Updated portable C, AVX2, and AArch64 implementations to support fixed-length (PADDED-format) signatures. Fixed the maximum length of variable-length signatures to comply with the NIST Round 3 specification.
- ML-DSA: Added portable C and AVX2 implementations of Initial Public Draft (IPD) versions of ML-DSA-44, ML-DSA-65, and ML-DSA-87.
Other changes
- Improved thread safety.
- Added uninstall support via "ninja uninstall".
- Documented platforms by support tier in PLATFORMS.md.
- Added support for Zephyr RTOS.
- Improved support for macOS on Apple Silicon.
- Removed support for the "NIST-KAT" DRBG.
- Added extended KAT test programs.
Detailed changelog
- PR template update & OpenSSL clarification by @baentsch in #1582
- Use CMAKE_USE_PTHREADS_INIT by @zxjtan in #1576
- Add section to CONFIGURE.md link by @iyanmv in #1578
- Run copy_from_upstream and test by @baentsch in #1589
- Support several pqclean upstream versions by @baentsch in #1595
- Call Keccak_(X4_)Dispatch with pthread_once by @zxjtan in #1549
- minor updates by @vsoftco in #1600
- Pull new HQC implementation from upstream by @SWilson4 in #1585
- add uninstall support by @baentsch in #1604
- Ensure generic OQS_OPT_TARGET in weekly CT tests by @SWilson4 in #1618
- update .travis.yml by @bhess in #1629
- Pull latest Kyber version from upstream by @bhess in #1631
- platform support documentation [skip ci] by @baentsch in #1605
- Add support for Zephyr RTOS by @Frauschi in #1621
- Apply patch to Kyber aarch64 code from PQClean for variable-time division issue. by @bhess in #1636
- Fix BIKE constant-time errors by @SWilson4 in #1632
- Fix falcon constant time check in Valgrind by @cothan in #1646
- Correct cmake version requirement by @baentsch in #1643
- Pull Kyber division fixes from PQ-Crystals into main by @praveksharma in #1649
- Bump gitpython from 3.1.37 to 3.1.41 in /scripts/copy_from_upstream by @dependabot in #1659
- Zephyr: fixes for platform support by @Frauschi in #1658
- Bump jinja2 from 2.11.3 to 3.1.3 in /scripts/copy_from_upstream by @dependabot in #1661
- Riscv zephyr support by @trigpolynom in #1641
- Zephyr: CMake fixes by @Frauschi in #1664
- Clarify that copyright is held by authors and not the project itself [skip ci] by @dstebila in #1668
- Make internal API available to (only) test programs by @SWilson4 in #1667
- Remove reference to old BIKE variants from CONFIGURE.md [skip ci] by @SWilson4 in #1669
- Add a document describing our subproject governance by @dstebila in #1675
- Set the correct compile flag for the memory sanitizer build by @SWilson4 in #1680
- Test against all 100 KAT values by @SWilson4 in #1560
- Update BIKE documentation to exclude x86 by @SWilson4 in #1679
- find_package(Threads) regardless of BUILD_ONLY_LIB by @zxjtan in #1653
- Call set_available_cpu_extensions using pthread_once by @zxjtan in #1671
- Discontinue AppVeyor CI testing by @SWilson4 in #1682
- Run oqs-provider release tests in CI on release candidate branches by @SWilson4 in #1654
- Fix link in GOVERNANCE.md by @Martyrshot in #1686
- Rename weekly runs and skip Falcon-1024 [skip ci] by @SWilson4 in #1684
- Update McEliece suppression files for generic config by @SWilson4 in #1677
- Update SPHINCS+ "clean" suppression files by @SWilson4 in #1683
- Update Sphincs+ Markdown documentation from YAML by @SWilson4 in #1690
- properly document release support level [skip ci] by @baentsch in #1688
- set(OQS_USE_PTHREADS OFF) on MinGW/Cygwin by @zxjtan in #1695
- Fix cross compilation and test in CI by @SWilson4 in #1696
- update brew install instructions to use openssl@3 instead of openssl@1.1 [skip ci] by @Martyrshot in #1701
- Add ML-DSA-ipd and ML-KEM-ipd & NIST supplied test vectors by @bhess in #1626
- Small fixes after adding ML-* by @bhess in #1702
- Move MacOS CI tests to GitHub Actions; add M1 CI tests by @SWilson4 in #1709
- Update liboqs readme to point to oqs-provider instead of deprecated openssl1.1.1 fork [skip ci] by @Martyrshot in #1699
- Fix for the Zephyr CI tests by @Frauschi in #1714
- remove references to unsupported openssh [skip ci] by @baentsch in #1713
- fix documentation generation by @baentsch in #1715
- Support Falcon PADDED format by @SWilson4 in #1710
- Fix for alg_support.cmake by @bhess in https://git...
liboqs version 0.9.2
About
The Open Quantum Safe (OQS) project has the goal of developing and prototyping quantum-resistant cryptography. More information on OQS can be found on our website: https://openquantumsafe.org/ and on Github at https://github.com/open-quantum-safe/.
liboqs is an open source C library for quantum-resistant cryptographic algorithms. Details about liboqs can be found in README.md. See in particular limitations on intended use.
liboqs can be used with the following Open Quantum Safe application integrations:
- oqs-provider: A standalone prototype OpenSSL 3 provider enabling liboqs-based quantum-safe and hybrid key authentication and exchange for TLS 1.3, X.509 certificate generation and CMS operations.
- OQS-BoringSSL: A prototype integration of liboqs-based authentication and key exchange into TLS 1.3 in our fork of BoringSSL; see https://github.com/open-quantum-safe/boringssl.
- OQS-OpenSSH: A prototype integration of liboqs-based authentication and key exchange into Secure Shell (SSH) version 2 in our fork of OpenSSH; see https://github.com/open-quantum-safe/openssh.
Several demos are available for using the above libraries in applications, including Apache, Chromium, curl, haproxy, nginx, and Wireshark. Performance of liboqs in several settings is measured at https://openquantumsafe.org/benchmarking/.
liboqs can also be used in the following programming languages via language-specific wrappers:
- C++, via https://github.com/open-quantum-safe/liboqs-cpp
- Go, via https://github.com/open-quantum-safe/liboqs-go
- Java, via https://github.com/open-quantum-safe/liboqs-java
- .NET, via https://github.com/open-quantum-safe/liboqs-dotnet
- Python 3, via https://github.com/open-quantum-safe/liboqs-python
- Rust, via https://github.com/open-quantum-safe/liboqs-rust
Release notes
This is version 0.9.2 of liboqs. It was released on January 16, 2024.
This release is a security release which fixes potential non-constant-time behaviour in Kyber based on pq-crystals/kyber@272125f.
What's New
This release continues from the 0.9.1 release of liboqs.
Key encapsulation mechanisms
- Kyber: C, AVX2, and aarch64 implementations updated
Detailed changelog
- Pull Kyber division fixes from PQ-Crystals into dev-092 by @praveksharma in #1652
Full Changelog: 0.9.1...0.9.2
liboqs version 0.9.1
About
The Open Quantum Safe (OQS) project has the goal of developing and prototyping quantum-resistant cryptography. More information on OQS can be found on our website: https://openquantumsafe.org/ and on Github at https://github.com/open-quantum-safe/.
liboqs is an open source C library for quantum-resistant cryptographic algorithms. Details about liboqs can be found in README.md. See in particular limitations on intended use.
liboqs can be used with the following Open Quantum Safe application integrations:
- oqs-provider: A standalone prototype OpenSSL 3 provider enabling liboqs-based quantum-safe and hybrid key authentication and exchange for TLS 1.3, X.509 certificate generation and CMS operations.
- OQS-BoringSSL: A prototype integration of liboqs-based authentication and key exchange into TLS 1.3 in our fork of BoringSSL; see https://github.com/open-quantum-safe/boringssl.
- OQS-OpenSSH: A prototype integration of liboqs-based authentication and key exchange into Secure Shell (SSH) version 2 in our fork of OpenSSH; see https://github.com/open-quantum-safe/openssh.
Several demos are available for using the above libraries in applications, including Apache, Chromium, curl, haproxy, nginx, and Wireshark. Performance of liboqs in several settings is measured at https://openquantumsafe.org/benchmarking/.
liboqs can also be used in the following programming languages via language-specific wrappers:
- C++, via https://github.com/open-quantum-safe/liboqs-cpp
- Go, via https://github.com/open-quantum-safe/liboqs-go
- Java, via https://github.com/open-quantum-safe/liboqs-java
- .NET, via https://github.com/open-quantum-safe/liboqs-dotnet
- Python 3, via https://github.com/open-quantum-safe/liboqs-python
- Rust, via https://github.com/open-quantum-safe/liboqs-rust
Release notes
This is version 0.9.1 of liboqs. It was released on December 22, 2023.
This release is a security release which fixes potential non-constant-time behaviour in Kyber based on pq-crystals/kyber@dda29cc.
What's New
This release continues from the 0.9.0 release of liboqs.
Key encapsulation mechanisms
- Kyber: C, AVX2, and aarch64 implementations updated
Detailed changelog
- pull kyber from upstream: dda29cc63af721981ee2c831cf00822e69be3220 (#1631) by @dstebila in #1633
- Apply patch to Kyber aarch64 code from PQClean for variable-time division issue -> targeting 0.9.1 by @bhess in #1637
Full Changelog: 0.9.0...0.9.1