Skip to content

Latest commit

 

History

History
31 lines (26 loc) · 2.83 KB

STANDARDS.md

File metadata and controls

31 lines (26 loc) · 2.83 KB
Raw

Standards supported when deploying oqsprovider

For non-post-quantum algorithms, this provider is basically silent, i.e., permits use of standards and algorithms implemented by openssl , e.g., concerning X.509, PKCS#8 or CMS.

For post-quantum algorithms, the version of the cryptographic algorithm used depends on the version of liboqs used. Regarding the integration of post-quantum algorithms into higher level components, this provider implements the following standards:

  • For TLS:

    • Hybrid post-quantum / traditional key exchange:
      • The data structures used follow the Internet-Draft Hybrid key exchange in TLS 1.3, namely simple concatenation of traditional and post-quantum public keys and shared secrets.
      • The algorithm identifiers used are documented in oqs-kem-info.md.
    • Hybrid post-quantum / traditional signatures in TLS:
      • For public keys and digital signatures inside X.509 certificates, see the bullet point on X.509 below.
      • For digital signatures outside X.509 certificates and in the TLS 1.3 handshake directly, the data structures used follow the same encoding format as that used for X.509 certificates, namely simple concatenation of traditional and post-quantum signatures.
      • The algorithm identifiers used are documented in oqs-sig-info.md.

  • For X.509:

  • For PKCS#8:

    • Hybrid post-quantum / traditional private keys:
      • Simple concatenation of traditional and post-quantum components in plain binary / OCTET_STRING representations.

  • For composite signatures, the implementation follows this IETF draft (version 13). Note that only those PQ algorithms denoted with the marker "composite" in oqs-template/generate.yml are provided with composite variants and not all.

Note: Please heed the documentation on the enablement of KEM encoders via PKCS#8 and X.509.