ifranzki
commented
1 month ago Currently it does not.
As a first step the final versions of the post-quantum crypto algorithms need to be included into OpenSSL somehow. This could either be by adding support for those to the OpenSSL code base, or by including the OQS provider into the OpenSSL code base. It is up to the OpenSSL org to decide that.
Once this has happend, we can think about how to best HW accelerate post-quantum crypto algorithms. One option could be to enhance the IBMCA provider and add post quantum algorithms, another option could be to add HW acceleration right into the OpenSSL or OQS provider code.
We haven't decided yet, but it is certainly on our wish list, too.
I' leave this issue open for now as a feature request, and update once there are any developments in that area.
Will the IBM-CA provider (https://www.ibm.com/docs/en/linux-on-systems?topic=openssl-using-ibmca-provider) support post-quantum crypto algorithms in the future similar to the OQS provider (https://github.com/open-quantum-safe/oqs-provider) for Z and LinuxONE?