open-quantum-safe / oqs-demos

PARTIALLY SUPPORTED Instructions for enabling the use of quantum-safe cryptography in assorted software using the OQS suite. CONTRIBUTORS WANTED.
https://openquantumsafe.org/
127 stars 74 forks source link
chromium cryptography curl httpd nginx post-quantum tls

GitHub actions QUIC open-quantum-safe

oqs-demos

Purpose

A repository of instructions (with associated patches and scripts) to enable, through liboqs, the use of quantum-safe cryptography in various application software.

In most cases, Dockerfiles encode the instructions for ease-of-use: Just do docker build -t <package_name> .. For more detailed usage instructions (parameters, algorithms, etc.) refer to the README for each package. Pre-built Docker images may also be available.

As the level of interest in providing and maintaining these integrations for public consumption has fallen, the packages are tagged with the github monikers of the persons willing to keep supporting them or the term "unsupported". If that tag is listed, no CI and github support for the integration is available and the code shall be seen as a snapshot that once worked only.

We are explicitly soliciting contributors to maintain those integrations labelled "unsupported".

Currently available integrations at their respective support level:

Build instructions Pre-built Docker image or binary files Support?
curl Github: oqs-demos/curl Dockerhub: openquantumsafe/curl, Dockerhub: openquantumsafe/curl-quic @baentsch, @pi-314159
Apache httpd Github: oqs-demos/httpd Dockerhub: openquantumsafe/httpd @baentsch
nginx Github: oqs-demos/nginx Dockerhub: openquantumsafe/nginx, Dockerhub: openquantumsafe/nginx-quic @baentsch, @bhess, @pi-314159
Chromium Github: oqs-demos/chromium (limited support) - @pi-314159
Locust Github: oqs-demos/locust - @davidgca
OpenSSH Github: oqs-demos/openssh Dockerhub: openquantumsafe/openssh unsupported
Wireshark Github: oqs-demos/wireshark Dockerhub: openquantumsafe/wireshark unsupported
Epiphany Github: oqs-demos/epiphany Dockerhub: openquantumsafe/epiphany unsupported
OpenVPN Github: oqs-demos/openvpn Dockerhub: openquantumsafe/openvpn unsupported
ngtcp2 Github: oqs-demos/ngtcp2 Dockerhub: Server: openquantumsafe/ngtcp2-server, Client: openquantumsafe/ngtcp2-client unsupported
OpenLiteSpeed Github: oqs-demos/openlitespeed Dockerhub: openquantumsafe/openlitespeed unsupported
h2load Github: oqs-demos/h2load Dockerhub: openquantumsafe/h2load unsupported
HAproxy Github: oqs-demos/haproxy Dockerhub: openquantumsafe/haproxy unsupported
Mosquitto Github: oqs-demos/mosquitto Dockerhub: openquantumsafe/mosquitto unsupported
Envoy Github: oqs-demos/envoy Dockerhub: openquantumsafe/envoy unsupported
Unbound Github: oqs-demos/unbound Dockerhub: openquantumsafe/unbound unsupported

It should be possible to use the openssl (s_client), curl and GNOME Web/epiphany clients with all algorithm combinations available at the Open Quantum Safe TLS/X.509 interoperability test server at https://test.openquantumsafe.org (set up using oqs-provider v0.6.1 and liboqs v0.10.1) but no guarantees are given for software not explicitly labelled with the name of a person offering support for it. Since OQS-BoringSSL no longer maintains the same set of algorithms, software that depends on OQS-BoringSSL (e.g., nginx-quic and curl-quic) may not fully (inter)operate with the test server.

Contributing

Contributions are gratefully welcomed. See our Contributing Guide for more details.

License

All modifications to this repository are released under the same terms as liboqs, namely as described in the file LICENSE.

Team

Contributors to oqs-demos include:

Christian Paquin (Microsoft Research)
Dimitris Sikeridis (University of New Mexico / Cisco Systems)
Douglas Stebila (University of Waterloo)
Goutam Tamvada (University of Waterloo)
Michael Baentsch (baentsch.ch)
ISE @ FHNW (Fachhochschule Nordwestschweiz)
Anthony Hu (wolfSSL)
Igor Barshteyn
Chia-Chin Chung
Keelan Cannoo (University of Mauritius / Cyberstorm.mu)
Dindyal Jeevesh Rishi (University of Mauritius / cyberstorm.mu)
Dan Rouhana (University of Washington)
JT (Henan Raytonne Trading Company)
David Gomez-Cambronero (Telefonica Innovacion digital)

Acknowledgments

Most effort in this project has been provided by individual contributors working in their own time and out of personal interest to see how PQ crypto integrates into existing software stacks.

This project is part of Open Quantum Safe.