search

open-quantum-safe / openssl

UNSUPPORTED Fork of OpenSSL 1.1.1 that includes prototype quantum-resistant algorithms and ciphersuites based on liboqs PLEASE SWITCH TO OQS-Provider for OpenSSL 3
https://openquantumsafe.org/
Other
291 stars 125 forks source link

Implementation of Composite Keys and Encryption #432

Closed JoaoDiogoDuarte closed 1 year ago

JoaoDiogoDuarte commented 1 year ago

Hello,

I came across this article discussing X.509 certificates in openssl-oqs. It's in Japanese, so I've taken the liberty to translate it through Google Translate, link is here.

Essentially, they are claiming that you all already implement the following IETF (expired) drafts:

  1. draft-ounsworth-pq-composite-encryption
  2. draft-ounsworth-pq-explicit-composite-keys
  3. draft-ounsworth-pq-composite-keys

I was wondering if that is accurate or if you use something different, please?

Thanks!

dstebila commented 1 year ago

The composite/hybrid format for signatures/keys/certificates in the current version of OQS-OpenSSL is ad hoc, created before any of these drafts existed, and not the same as those drafts. It is our intention to move to those formats once they are stable, and I'm aware of some work being done already to prepare a pull request in oqs-provider to update to those formats.