Feature Request: Add support for algorithms from `liboqs` (Quantum Safe)

[titanism]

See https://github.com/open-quantum-safe/liboqs#supported-algorithms for documentation and https://github.com/open-quantum-safe/liboqs-rust for example binding (albeit in Rust).

[utelle]

Adding support for Kyber-1024 (offering security roughly equivalent to AES-256) is already under investigation. Currently, Kyber is the only algorithm relevant in this context that is (or will be) standardized. However, it is not decided yet whether it will actually be added to this project and - if yes - when this will happen.

Symmetric encryption, especifically AES-256 is believed to be quantum-resistant. That is, quantum computers are not expected to be able to reduce the attack time enough to be effective if the key sizes are large enough. In case that information will be published invalidating this assumption, the priority to add support for post-quantum algorithms will be increased, of course.

[utelle]

Just as a side note: all (key encapsulation) algorithms offered by liboqs are asymmetric algorithms. For SQLite3 Multiple Ciphers we need symmetric algorithms. So, none of the liboqs algorithms can be used directly.

[utelle]

After doing some further research we come to the following conclusion:

Symmetric encryption algorithms are believed to be quantum resistant, as long as the key size is sufficiently large. SQLite3 Multiple Ciphers already offers support for 2 well-known algorithms with 256-bit keys: AES-256 and ChaCha20.

Adding support for asymmetric encryption algorithms doesn't make much sense in the context of SQLite database encryption, because asymmetric encryption requires very long keys and can not be performed as efficiently as symmetric encryption. Therefore this issue will be closed for now as not planned.

[titanism]

@utelle can you please share your research and references to support this statement?

Symmetric encryption algorithms are believed to be quantum resistant

[utelle]

@utelle can you please share your research and references to support this statement?

Symmetric encryption algorithms are believed to be quantum resistant

First hints can be found in the Wikipedia article about Post-Quantum Cryptography (see 3rd paragraph in 1st section). This article contains references to various sources.

However, you can easily find further references by looking for articles about quantum-resistant cryptography. For example

• Quantum-Resistant Cryptography by John Preuß Mattsson, Ben Smeets, Erik Thormarker
• The Impact of Quantum Computing on Present Cryptography by Vasileios Mavroeidis, Kamer Vishi, Mateusz D. Zych, Audun Jøsang

just to name a few.

Adding support for new quantum-resistant algorithms will be reconsidered, as soon as it is proven that current symmetric algorithms are not quantum-safe. I'm pretty sure that new quantum-resistant symmetric algorithms will be developed in this case.