Closed pqfan closed 5 months ago
Sorry for the delay answering but you may have noticed there's not a lot of community support for this project (when I'm not scouring my Inbox for OQS-related mails :). Personally I think you're asking for something interesting but technically impossible: If I'm not mistaken, McEliece is not fitting the limitations of the TLS protocol, hence not integrated to oqs-provider, hence not supported by openssl
, hence not allowing operation of these algs in openvpn
. An integration of xmss/lms to oqs-provider
also is only in discussion stage AFAIK (you just witnessed the "merging" pains of the integration of those algs into liboqs
, not yet to oqs-provider
). So I'm afraid you're out of luck (maybe only temporarily for stateful hash-based sigs, but permanently for McEliece). Every contribution (first to oqs-provider
) would be very welcome to make headway resolving this!
Yes, Classic McEliece does not immediately fit into the packet size constraints of TLS. I think some people have thought about ways around this, such as providing them via external resources, but it's not something that's been pursued within OQS.
Greetings OQS experts!
Thank you really much for those clarifications you made!
So I decide to stick to the current commit and work/test it a bit and will be expecting for future updates. Will keep checking the git for news and so.
My best regards, appreciation and admiral towards you all!
Issue resolved as of now
Greetings all again,
Again many thanks to the Open Quantum Safe group, people and supporters for this great project!
I would like to aak this time how is it possible to build the docker image with some extra specific kem and signature algorithms from the liboqs, especially Classic-McEliece and the higher security level sphincs, xmss, lmss. What edits should I apply to the Dockerfile and possibly in other files in order to generate and oqs-demo/openvpn image with those algorithms also enabled? Or if there is some additional procedure I should follow to do it, such as a pull through the github/docker and then edit more files e.t.c.
Thank you very much for your time in any case and thanks again for providing the cryptography enthusiasts with cutting edge top notch cryptography standards!
Best regards