Releases: open-quantum-safe/liboqs
liboqs version 0.12.0
About
The Open Quantum Safe (OQS) project has the goal of developing and prototyping quantum-resistant cryptography. More information on OQS can be found on our website: https://openquantumsafe.org/ and on GitHub at https://github.com/open-quantum-safe/.
liboqs is an open source C library for quantum-resistant cryptographic algorithms. Details about liboqs can be found in README.md. See in particular limitations on intended use.
liboqs can be used with the following Open Quantum Safe application integrations:
- oqs-provider: A standalone prototype OpenSSL 3 provider enabling liboqs-based quantum-safe and hybrid key authentication and exchange for TLS 1.3, X.509 certificate generation and CMS operations.
- OQS-BoringSSL: A prototype integration of liboqs-based authentication and key exchange into TLS 1.3 in our fork of BoringSSL; see https://github.com/open-quantum-safe/boringssl.
- OQS-OpenSSH: A prototype integration of liboqs-based authentication and key exchange into Secure Shell (SSH) version 2 in our fork of OpenSSH; see https://github.com/open-quantum-safe/openssh.
Several demos are available for using the above libraries in applications, including Apache, Chromium, curl, haproxy, nginx, and Wireshark.
liboqs can also be used in the following programming languages via language-specific wrappers:
- C++, via https://github.com/open-quantum-safe/liboqs-cpp
- Go, via https://github.com/open-quantum-safe/liboqs-go
- Java, via https://github.com/open-quantum-safe/liboqs-java
- Python 3, via https://github.com/open-quantum-safe/liboqs-python
- Rust, via https://github.com/open-quantum-safe/liboqs-rust
Release notes
This is version 0.12.0 of liboqs. It was released on December 9, 2024.
This release updates the ML-DSA implementation to the final FIPS 204 version. This release still includes the NIST Round 3 version of Dilithium for interoperability purposes, but we plan to remove Dilithium Round 3 in a future release.
Deprecation notice
This will be the last release of liboqs to include Kyber (that is, the NIST Round 3 version of Kyber, prior to its standardization by NIST as ML-KEM in FIPS 203). Applications should switch to ML-KEM (FIPS 203).
The addition of ML-DSA FIPS 204 final version to liboqs has introduced a new signature API which includes a context string parameter. We are planning to remove the old version of the API without a context string in the next release to streamline the API and bring it in line with NIST specifications. Users who have an opinion on this removal are invited to provide input at #2001.
Security issues
- CVE-2024-54137: Fixed a bug in HQC decapsulation that caused an incorrect shared secret value to be returned when decapsulation was called with an invalid ciphertext. Thank you to Célian Glénaz and Dahmun Goudarzi from Quarkslab for identifying the issue.
What's New
This release continues from the 0.11.0 release of liboqs.
Key encapsulation mechanisms
- HQC: Fixed a bug in decapsulation that caused an incorrect shared secret value to be returned when decapsulation was called with an invalid ciphertext. Thank you to Célian Glénaz and Dahmun Goudarzi from Quarkslab for identifying the issue.
- Kyber: This is the last release of liboqs to include Kyber.
- ML-KEM: Improved testing of ML-KEM.
Digital signature schemes
- LMS: Fixed crashing bug.
- ML-DSA: Removed FIPS 204-ipd (initial public draft) and replaced it with FIPS 204 final version.
- Added new API for digital signatures with context strings; see #2001 for plan to remove old API without context string.
- Added fuzzing tests for signature schemes.
- Added benchmarking for stateful hash-based signature schemes.
Other changes
- Updated CBOM format to version 1.6.
- Added a function OQS_thread_stop to be called by multi-threaded applications to properly deallocate resources in a threaded execution.
- Added preprocessor macros conveying liboqs version information.
Detailed changelog
What's Changed
- 0.11.0 release by @praveksharma in #1939
- Bump version to 0.11.1-dev by @SWilson4 in #1940
- Remove hardcoded build patch from test script by @iyanmv in #1938
- Don't include dlfcn.h for Windows by @steenrasmussen in #1936
- Update CBOM format to upstream v1.6 by @bhess in #1834
- Downgrade zephyr container to v0.26.14 to avoid build failures by @bhess in #1949
- Fix for Zephyr CI by @Frauschi in #1953
- Add a basic fuzz testing harness for Dilithium2 by @nathaniel-brough in #1905
- [#1823] replace malloc/calloc/strdup/free with openssl allocator by @songlingatpan in #1926
- Add benchmarking for stateful hash based schemes: speed_sig_stfl by @cr-marcstevens in #1952
- Update CODEOWNERS by @dstebila in #1943
- Add new API to cleanup OpenSSL threads. by @ashman-p in #1959
- Adapt existing sig fuzz harness including more algorithms by @nathaniel-brough in #1955
- add C++ linking test by @aidenfoxivey in #1971
- Make random/functions deterministic during fuzzing by @nathaniel-brough in #1974
- Remove SPHINCS+ aarch64 code by @SWilson4 in #1972
- Remove macos-12 runner due to GitHub deprecation. by @SWilson4 in #1977
- Revert "Disable erroring TravisCI build" by @bhess in #1960
- imported fix from CROSS upstream: endianness-aware csprng by @rtjk in #1983
- chore: Add CI badges to README.md by @ChinoUkaegbu in #1987
- Update PLATFORMS.md / re-enable CROSS on s390x by @SWilson4 in #1988
- Avoid OpenSSL functions are unconditionally called at OQS_destroy by @ueno in #1982
- Test Improvements for ML-KEM by @abhinav-thales in #1947
- Add patch to fix HQC decapsulation in 95f904b
- Run copy_from_upstream.py in cce1bfd
- Fix LMS crash by @ashman-p in #1998
- Set ML-KEM alg_version to "FIPS203" by @SWilson4 in #1997
- Add ML-DSA / FIPS 204 final by @bhess in #1919
- Add defines for OQS version components by @dstebila in #2000
- Create liboqs 0.12.0 release candidate 1 by @dstebila in #2006
New Contributors
- @steenrasmussen made their first contribution in #1936
- @nathaniel-brough made their first contribution in #1905
- @songlingatpan made their first contribution in #1926
- @cr-marcstevens made their first contribution in #1952
- @aidenfoxivey made their first contribution in #1971
- @ChinoUkaegbu made their first contribution in #1987
- @abhinav-thales made their first contribution in #1947
Full Changelog: 0.11.0...0.12.0
liboqs version 0.12.0 release candidate 1
liboqs version 0.12.0-rc1
Release notes
This is release candidate 1 for version 0.12.0 of liboqs. It was released on November 29, 2024.
This release updates the ML-DSA implementation to the final FIPS 204 version. This release still includes the NIST Round 3 version of Dilithium for interoperability purposes, but we plan to remove Dilithium Round 3 in a future release.
Deprecation notice
This will be the last release of liboqs to include Kyber (that is, the NIST Round 3 version of Kyber, prior to its standardization by NIST as ML-KEM in FIPS 203). Applications should switch to ML-KEM (FIPS 203).
The addition of ML-DSA FIPS 204 final version to liboqs has introduced a new signature API which includes a context string parameter. We are planning to remove the old version of the API without a context string in the next release to streamline the API and bring it in line with NIST specifications. Users who have an opinion on this removal are invited to provide input at #2001.
What's New
This release continues from the 0.11.0 release of liboqs.
Key encapsulation mechanisms
- HQC: Fixed a correctness bug in decapsulation. Thank you to Célian Glénaz and Dahmun Goudarzi from Quarkslab for identifying the issue.
- Kyber: This is the last release of liboqs to include Kyber.
- ML-KEM: Improved testing of ML-KEM.
Digital signature schemes
- LMS: Fixed crashing bug.
- ML-DSA: Removed FIPS 204-ipd (initial public draft) and replaced it with FIPS 204 final version.
- Added new API for digital signatures with context strings; see #2001 for plan to remove old API without context string.
- Added fuzzing tests for signature schemes.
- Added benchmarking for stateful hash-based signature schemes.
Other changes
- Updated CBOM format to version 1.6.
- Added a function OQS_thread_stop to be called by multi-threaded applications to properly deallocate resources in a threaded execution.
- Added preprocessor macros conveying liboqs version information.
Detailed changelog
What's Changed
- 0.11.0 release by @praveksharma in #1939
- Bump version to 0.11.1-dev by @SWilson4 in #1940
- Remove hardcoded build patch from test script by @iyanmv in #1938
- Don't include dlfcn.h for Windows by @steenrasmussen in #1936
- Update CBOM format to upstream v1.6 by @bhess in #1834
- Downgrade zephyr container to v0.26.14 to avoid build failures by @bhess in #1949
- Fix for Zephyr CI by @Frauschi in #1953
- Add a basic fuzz testing harness for Dilithium2 by @nathaniel-brough in #1905
- [#1823] replace malloc/calloc/strdup/free with openssl allocator by @songlingatpan in #1926
- Add benchmarking for stateful hash based schemes: speed_sig_stfl by @cr-marcstevens in #1952
- Update CODEOWNERS by @dstebila in #1943
- Add new API to cleanup OpenSSL threads. by @ashman-p in #1959
- Adapt existing sig fuzz harness including more algorithms by @nathaniel-brough in #1955
- add C++ linking test by @aidenfoxivey in #1971
- Make random/functions deterministic during fuzzing by @nathaniel-brough in #1974
- Remove SPHINCS+ aarch64 code by @SWilson4 in #1972
- Remove macos-12 runner due to GitHub deprecation. by @SWilson4 in #1977
- Revert "Disable erroring TravisCI build" by @bhess in #1960
- imported fix from CROSS upstream: endianness-aware csprng by @rtjk in #1983
- chore: Add CI badges to README.md by @ChinoUkaegbu in #1987
- Update PLATFORMS.md / re-enable CROSS on s390x by @SWilson4 in #1988
- Avoid OpenSSL functions are unconditionally called at OQS_destroy by @ueno in #1982
- Test Improvements for ML-KEM by @abhinav-thales in #1947
- Fix LMS crash by @ashman-p in #1998
- Set ML-KEM alg_version to "FIPS203" by @SWilson4 in #1997
- Add ML-DSA / FIPS 204 final by @bhess in #1919
- Add defines for OQS version components by @dstebila in #2000
New Contributors
- @steenrasmussen made their first contribution in #1936
- @nathaniel-brough made their first contribution in #1905
- @songlingatpan made their first contribution in #1926
- @cr-marcstevens made their first contribution in #1952
- @aidenfoxivey made their first contribution in #1971
- @ChinoUkaegbu made their first contribution in #1987
- @abhinav-thales made their first contribution in #1947
Full Changelog: 0.11.0...0.12.0-rc1
liboqs version 0.11.0
Release notes
This is version 0.11.0 of liboqs. It was released on September 26, 2024.
This release updates ML-KEM implementations to their final FIPS 203 versions. This release still includes the NIST Round 3 version of Kyber for interoperability purposes, but we plan to remove Kyber Round 3 in a future release. Additionally, this release adds support for MAYO and CROSS digital signature schemes from NIST Additional Signatures Round 1 along with stateful hash-based signature schemes XMSS and LMS. Finally, this release provides formally verified implementations of Kyber-512 and Kyber-768 from libjade.
LMS and XMSS are disabled by default due to the security risks associated with their use in software. See the note on stateful hash-based signatures in CONFIGURE.md.
What's New
This release continues from the 0.10.1 release of liboqs.
Key encapsulation mechanisms
- Kyber: Added formally-verified portable C and AVX2 implementations of Kyber-512 and Kyber-768 from libjade.
- ML-KEM: Updated portable C and AVX2 implementations of ML-KEM-512, ML-KEM-768, and ML-KEM-1024 to the FIPS 203 version.
- Kyber: Patched ARM64 implementations of Kyber-512, Kyber-768, and Kyber-1024 to work with AddressSanitizer.
Digital signature schemes
- LMS/XMSS: Added implementations of stateful hash-based signature schemes: XMSS and LMS.
- MAYO: Added portable C and AVX2 implementations of MAYO signature scheme from NIST Additional Signatures Round 1.
- CROSS: Added portable C and AVX2 implementations of CROSS signature scheme from NIST Additional Signatures Round 1.
Other changes
- Added callback API to use custom implementations of AES, SHA2, and SHA3.
- Refactor SHA3 implementation to use OpenSSL's EVP_DigestSqueeze() API.
Detailed changelog
- [NFCI] Move Keccak rhotates tables to rodata by @aaupov in #1739
- Document Fix by @pi-314159 in #1735
- Add option to dynamically load libcrypto.so.* by @ueno in #1603
- Allow windows linking of test programs by @matlimatli in #1751
- Refactor OpenSSL Implementation of SHA3 SHAKE to use new Squeeze API by @Eddy-M-K in #1694
- remove "maximum" words for most length fields by @wangweij in #1747
- add compile_commands.json to .gitignore by @carsonRadtke in #1754
- Fix linking of test programs on msys by @d0p1s4m4 in #1758
- restrict Windows platform support documentation [skip ci] by @baentsch in #1762
- Add workflow dispatch to action by @ryjones in #1778
- Bump jinja2 from 3.1.3 to 3.1.4 in /scripts/copy_from_upstream by @dependabot in #1782
- Algorithm selection clarification by @beldmit in #1784
- Use OPENSSL_cleanse if OpenSSL is used by @bencemali in #1773
- Errors not printed out when OPENSSL_NO_STDIO is set by @bencemali in #1774
- Add Stateful Signature (XMSS and LMS) by @ashman-p in #1650
- Forward-declare OQS_SIG in sig_stfl.h by @SWilson4 in #1820
- Move Linux ARM64 "build" test from CircleCI to GitHub Actions by @SWilson4 in #1814
- Fix test_alg_info.py on Windows platform by @qnfm in #1821
- Increment version string to 0.10.2-dev by @SWilson4 in #1813
- Add XMSS-SHA256_{10, 16, 20}_192 parameters by @cothan in #1817
- Add XMSS-SHAKE256_{10, 16, 20}_192 parameters by @cothan in #1818
- Add XMSS-SHAKE256_{10, 16, 20}_256 parameters by @cothan in #1819
- Create scorecard.yml (OpenSSF) by @planetf1 in #1708
- Expose callback API for replacing low-level cryptographic primitives by @ueno in #1832
- Add MAYO signature scheme from NIST onramp by @bhess in #1707
- Bump zipp from 3.4.0 to 3.19.1 in /scripts/copy_from_upstream in the pip group by @dependabot in #1836
- Update and fix CI status badges by @anvega in #1844
- Use cmake -LA -N instead of cmake -LA in CI by @SWilson4 in #1848
- Fix passes.json entries for MAYO by @bhess in #1852
- ML-KEM NIST tests, fix order of d and z by @bhess in #1854
- Move from CircleCI to GitHub Actions by @SWilson4 in #1849
- Add a convenience script for consistent astyle formatting by @SWilson4 in #1861
- Quick fixes from Trail of Bits audit Week 1 by @SWilson4 in #1869
- Check return value of fscanf in LMS/XMSS KAT tests by @SWilson4 in #1874
- Fix downstream CI trigger by @SWilson4 in #1857
- Don't hardcode OPENSSL_ROOT_DIR to /usr on Linux by @SWilson4 in #1873
- Fix overflow in stateful sigs tests by @SWilson4 in #1887
- Integrate Kyber from libjade by @praveksharma in #1745
- Use explicit_memset if available. NetBSD has support for it: by @loganaden in #1872
- Disable erroring TravisCI build by @bhess in #1901
- Update OpenSSH downstream branch to OQS-v9 by @SWilson4 in #1898
- Fix incorrect formatting in unix.yml by @praveksharma in #1902
- CMakeLists: add ppc case to known archs by @barracuda156 in #1816
- Remove old ad hoc CI for Apple M1 by @dstebila in #1907
- Add ML-KEM / FIPS203 final by @bhess in #1899
- Update checkout action in weekly.yml by @praveksharma in #1908
- Add CROSS by @rtjk in #1881
- Refactor liboqs CI and update Ubuntu images by @SWilson4 in #1909
- Check workflows for issues during CI by @jplomas in #1916
- Patch Kyber to...
liboqs version 0.11.0 release candidate 1
liboqs version 0.11.0-rc1
About
The Open Quantum Safe (OQS) project has the goal of developing and prototyping quantum-resistant cryptography. More information on OQS can be found on our website: https://openquantumsafe.org/ and on GitHub at https://github.com/open-quantum-safe/.
liboqs is an open source C library for quantum-resistant cryptographic algorithms. Details about liboqs can be found in README.md. See in particular limitations on intended use.
liboqs can be used with the following Open Quantum Safe application integrations:
- oqs-provider: A standalone prototype OpenSSL 3 provider enabling liboqs-based quantum-safe and hybrid key authentication and exchange for TLS 1.3, X.509 certificate generation and CMS operations.
- OQS-BoringSSL: A prototype integration of liboqs-based authentication and key exchange into TLS 1.3 in our fork of BoringSSL; see https://github.com/open-quantum-safe/boringssl.
- OQS-OpenSSH: A prototype integration of liboqs-based authentication and key exchange into Secure Shell (SSH) version 2 in our fork of OpenSSH; see https://github.com/open-quantum-safe/openssh.
Several demos are available for using the above libraries in applications, including Apache, Chromium, curl, haproxy, nginx, and Wireshark.
liboqs can also be used in the following programming languages via language-specific wrappers:
- C++, via https://github.com/open-quantum-safe/liboqs-cpp
- Go, via https://github.com/open-quantum-safe/liboqs-go
- Python 3, via https://github.com/open-quantum-safe/liboqs-python
- Rust, via https://github.com/open-quantum-safe/liboqs-rust
Release notes
This is release candidate 1 of version 0.11.0 of liboqs. It was released on September 13, 2024.
This release updates ML-KEM implementations to their final FIPS 203 versions (OQS continues to support the NIST Round 3 version of Kyber for interoperability purposes). Additionally, this release adds support for MAYO and CROSS digital signature schemes from NIST Additional Signatures Round 1 along with stateful hash-based signature schemes XMSS and LMS. Finally, this release provides formally verified implementations of Kyber-512 and Kyber-768 from libjade.
LMS and XMSS are disabled by default due to the security risks associated with their use in software. See the note on stateful hash-based signatures in CONFIGURE.md.
What's New
This release continues from the 0.10.1 release of liboqs.
Key encapsulation mechanisms
- Kyber: Added formally-verified portable C and AVX2 implementations of Kyber-512 and Kyber-768 from libjade.
- ML-KEM: Updated portable C and AVX2 implementations of ML-KEM-512, ML-KEM-768, and ML-KEM-1024 to the FIPS 203 version.
- Kyber: Patched ARM64 implementations of Kyber-512, Kyber-768, and Kyber-1024 to work with AddressSanitizer.
Digital signature schemes
- LMS/XMSS: Added implementations of stateful hash-based signature schemes: XMSS and LMS.
- MAYO: Added portable C and AVX2 implementations of MAYO signature scheme from NIST Additional Signatures Round 1.
- CROSS: Added portable C and AVX2 implementations of CROSS signature scheme from NIST Additional Signatures Round 1.
Other changes
- Added callback API to use custom implementations of AES, SHA2, and SHA3.
- Refactor SHA3 implementation to use OpenSSL's EVP_DigestSqueeze() API.
Detailed changelog
- [NFCI] Move Keccak rhotates tables to rodata by @aaupov in #1739
- Document Fix by @pi-314159 in #1735
- Add option to dynamically load libcrypto.so.* by @ueno in #1603
- Allow windows linking of test programs by @matlimatli in #1751
- Refactor OpenSSL Implementation of SHA3 SHAKE to use new Squeeze API by @Eddy-M-K in #1694
- remove "maximum" words for most length fields by @wangweij in #1747
- add compile_commands.json to .gitignore by @carsonRadtke in #1754
- Fix linking of test programs on msys by @d0p1s4m4 in #1758
- restrict Windows platform support documentation [skip ci] by @baentsch in #1762
- Add workflow dispatch to action by @ryjones in #1778
- Bump jinja2 from 3.1.3 to 3.1.4 in /scripts/copy_from_upstream by @dependabot in #1782
- Algorithm selection clarification by @beldmit in #1784
- Use OPENSSL_cleanse if OpenSSL is used by @bencemali in #1773
- Errors not printed out when OPENSSL_NO_STDIO is set by @bencemali in #1774
- Add Stateful Signature (XMSS and LMS) by @ashman-p in #1650
- Forward-declare OQS_SIG in sig_stfl.h by @SWilson4 in #1820
- Move Linux ARM64 "build" test from CircleCI to GitHub Actions by @SWilson4 in #1814
- Fix test_alg_info.py on Windows platform by @qnfm in #1821
- Increment version string to 0.10.2-dev by @SWilson4 in #1813
- Add XMSS-SHA256_{10, 16, 20}_192 parameters by @cothan in #1817
- Add XMSS-SHAKE256_{10, 16, 20}_192 parameters by @cothan in #1818
- Add XMSS-SHAKE256_{10, 16, 20}_256 parameters by @cothan in #1819
- Create scorecard.yml (OpenSSF) by @planetf1 in #1708
- Expose callback API for replacing low-level cryptographic primitives by @ueno in #1832
- Add MAYO signature scheme from NIST onramp by @bhess in #1707
- Bump zipp from 3.4.0 to 3.19.1 in /scripts/copy_from_upstream in the pip group by @dependabot in #1836
- Update and fix CI status badges by @anvega in #1844
- Use cmake -LA -N instead of cmake -LA in CI by @SWilson4 in #1848
- Fix passes.json entries for MAYO by @bhess in #1852
- ML-KEM NIST tests, fix order of d and z by @bhess in #1854
- Move from CircleCI to GitHub Actions by @SWilson4 in #1849
- Add a convenience script for consistent astyle formatting by @SWilson4 in #1861
- Quick fixes from Trail of Bits audit Week 1 by @SWilson4 in #1869
- Check return value of fscanf in LMS/XMSS KAT tests by @SWilson4 in #1874
- Fix downstream CI trigger by @SWilson4 in #1857
- Don't hardcode OPENSSL_ROOT_DIR to /usr on Linux by @SWilson4 in #1873
- Fix overflow in stateful sigs tests by @SWilson4 in #1887
- Integrate Kyber from libjade by @praveksharma in #1745
- Use explicit_memset if available. NetBSD has support for it: by @loganaden in #1872
- Disable erroring TravisCI build by @bhess in #1901
- Update OpenSSH downstream branch to OQS-v9 by @SWilson4 in #1898
- Fix incorrect formatting in unix.yml by @praveksharma in #1902
- CMakeLists: add ppc case to known archs by @barracuda156 in #1816
- Remove old ad hoc CI for Apple M1 by @dstebila in #1907
- Add ML-KEM / FIPS203 final by @bhess in #1899
- Update checkout action in weekly.yml by @praveksharma in #1908
- Add CROSS by @rtjk in #1881
- Refactor liboqs CI and update Ubuntu images by @SWilson4 in #1909
- Check workflows for issues during CI by @jplomas in #1916
- Patch Kyber to fix ASAN error on ARM64 by @praveksharma in https://github.com/open-quantum-safe/liboqs/pull...
0.10.1
liboqs version 0.10.1
About
The Open Quantum Safe (OQS) project has the goal of developing and prototyping quantum-resistant cryptography. More information on OQS can be found on our website: https://openquantumsafe.org/ and on GitHub at https://github.com/open-quantum-safe/.
liboqs is an open source C library for quantum-resistant cryptographic algorithms. Details about liboqs can be found in README.md. See in particular limitations on intended use.
liboqs can be used with the following Open Quantum Safe application integrations:
- oqs-provider: A standalone prototype OpenSSL 3 provider enabling liboqs-based quantum-safe and hybrid key authentication and exchange for TLS 1.3, X.509 certificate generation and CMS operations.
- OQS-BoringSSL: A prototype integration of liboqs-based authentication and key exchange into TLS 1.3 in our fork of BoringSSL; see https://github.com/open-quantum-safe/boringssl.
- OQS-OpenSSH: A prototype integration of liboqs-based authentication and key exchange into Secure Shell (SSH) version 2 in our fork of OpenSSH; see https://github.com/open-quantum-safe/openssh.
Several demos are available for using the above libraries in applications, including Apache, Chromium, curl, haproxy, nginx, and Wireshark. Performance of liboqs in several settings is measured at https://openquantumsafe.org/benchmarking/.
liboqs can also be used in the following programming languages via language-specific wrappers:
- C++, via https://github.com/open-quantum-safe/liboqs-cpp
- Go, via https://github.com/open-quantum-safe/liboqs-go
- Java, via https://github.com/open-quantum-safe/liboqs-java
- .NET, via https://github.com/open-quantum-safe/liboqs-dotnet
- Python 3, via https://github.com/open-quantum-safe/liboqs-python
- Rust, via https://github.com/open-quantum-safe/liboqs-rust
Release notes
This is version 0.10.1 of liboqs. It was released on June 7, 2024.
This release is a security release which fixes potential non-constant-time behaviour in ML-KEM and Kyber based on pq-crystals/kyber@0264efa and pq-crystals/kyber@9b8d306. It also includes a fix for incorrectly named macros in the ML-DSA implementation.
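The page does not say which code path the two upstream commits changed, so the example below does not reproduce the patch; it is added here to show the general pattern that constant-time fixes of this kind rely on and is not taken from pq-crystals or liboqs. A secret bit is expanded into an all-ones or all-zeros mask and the mask is routed through an optimisation barrier, so that the compiler cannot rewrite a data-flow selection into a conditional branch on the secret. The bit-to-coefficient unpacking mirrors the shape of Kyber's message-to-polynomial step using only the public parameters q = 3329 and n = 256; the branchy version is kept beside it as the "before" for contrast, and the message bytes are a constructed pattern.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Kyber/ML-KEM public parameters (FIPS 203): q = 3329, n = 256, 32-byte messages. */
#define Q 3329
#define N 256
#define SYMBYTES 32
#define HALF_Q ((Q + 1) / 2)   /* 1665: the coefficient that encodes a 1 bit */

/*
 * Optimisation barrier. Without it, an optimising compiler may notice that
 * `mask & HALF_Q` is either 0 or HALF_Q and rewrite the data flow into a
 * conditional branch on the secret bit, reintroducing a timing side channel.
 * The empty asm with a "+r" constraint forces the value through a register
 * whose contents the compiler can no longer reason about.
 */
static inline int32_t ct_barrier(int32_t v) {
#if defined(__GNUC__) || defined(__clang__)
    __asm__ volatile("" : "+r"(v));
#endif
    return v;
}

/* Expand one secret bit (0 or 1) into an all-zeros / all-ones 32-bit mask. */
static inline int32_t ct_mask_from_bit(uint32_t bit) {
    return ct_barrier(-(int32_t)(bit & 1u));
}

/* Constant-time selection: a when bit == 1, b when bit == 0, no branch. */
static inline int32_t ct_select(uint32_t bit, int32_t a, int32_t b) {
    int32_t m = ct_mask_from_bit(bit);
    return b ^ (m & (a ^ b));
}

/*
 * Leaky reference form: branches on every secret message bit.
 * Kept only as the "before" shape; never use it on secret data.
 */
void poly_frommsg_branchy(int16_t coeffs[N], const uint8_t msg[SYMBYTES]) {
    for (size_t i = 0; i < SYMBYTES; i++)
        for (unsigned j = 0; j < 8; j++)
            coeffs[8 * i + j] = ((msg[i] >> j) & 1u) ? HALF_Q : 0;
}

/* Constant-time form: every coefficient is produced by the same instruction sequence. */
void poly_frommsg_ct(int16_t coeffs[N], const uint8_t msg[SYMBYTES]) {
    for (size_t i = 0; i < SYMBYTES; i++)
        for (unsigned j = 0; j < 8; j++)
            coeffs[8 * i + j] = (int16_t)ct_select((msg[i] >> j) & 1u, HALF_Q, 0);
}

/* Functional self-check on a constructed message: both forms must agree. Returns 1 on success. */
int poly_frommsg_selfcheck(void) {
    uint8_t msg[SYMBYTES];
    int16_t a[N], b[N];
    for (size_t i = 0; i < SYMBYTES; i++)
        msg[i] = (uint8_t)(0xA5 ^ (i * 7));     /* constructed pattern, not a real key */
    poly_frommsg_branchy(a, msg);
    poly_frommsg_ct(b, msg);
    if (memcmp(a, b, sizeof a) != 0) return 0;
    /* Spot-check: msg[0] = 0xA5 = 1010 0101b, so bits 0, 2, 5 and 7 are set. */
    return a[0] == HALF_Q && a[1] == 0 && a[2] == HALF_Q && a[7] == HALF_Q;
}

int main(void) {
    int ok = poly_frommsg_selfcheck();
    printf("constant-time poly_frommsg agrees with reference: %s\n", ok ? "yes" : "NO");
    return ok ? 0 : 1;
}
```

The self-check proves only functional equivalence; it cannot prove the absence of a branch. A barrier is a mitigation against one compiler behaviour, so the check a practitioner still owes is on the compiled artifact: inspect the emitted code (for example with objdump -d on the object built with the release flags) for conditional jumps inside the unpacking loop, or run a constant-time checker such as dudect or ctgrind/valgrind-based taint tracking against the built library, since the page's fix is precisely about behaviour that appeared after compilation rather than in the C source.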
What's New
This release continues from the 0.10.0 release of liboqs.
Key encapsulation mechanisms
- Kyber: portable C implementation updated
- ML-KEM: portable C implementation updated
Digital signature schemes
- ML-DSA: incorrectly named macros renamed
Detailed changelog
- switching to dev mode again by @baentsch in #1743
- Update README.md by @vsoftco in #1769
- Fix README.md to work with Doxygen release 1.10.0 by @praveksharma in #1775
- Fix for incorrect macros in signatures. by @bhess in #1799
- Pull Kyber/ML-KEM CT-Fix from upstream by @bhess
- Force gcc 13.2.0 over 13.3.0 by @planetf1 in #1805
Full Changelog: 0.10.0...0.10.1
0.10.1 release candidate 1
liboqs version 0.10.1-rc1
Release notes
This is release candidate 1 of version 0.10.1 of liboqs. It was released on June 5, 2024.
This release is a security release which fixes potential non-constant-time behaviour in ML-KEM and Kyber based on pq-crystals/kyber@0264efa and pq-crystals/kyber@9b8d306. It also includes a fix for incorrectly named macros in the ML-DSA implementation.
What's New
This release continues from the 0.10.0 release of liboqs.
Key encapsulation mechanisms
- Kyber: portable C and AVX2 implementations updated
- ML-KEM: portable C and AVX2 implementations updated
Digital signature schemes
- ML-DSA: incorrectly named macros renamed
Detailed changelog
- switching to dev mode again by @baentsch in #1743
- Update README.md by @vsoftco in #1769
- Fix README.md to work with Doxygen release 1.10.0 by @praveksharma in #1775
- Fix for incorrect macros in signatures. by @bhess in #1799
- Pull Kyber/ML-KEM CT-Fix from upstream by @bhess
- Force gcc 13.2.0 over 13.3.0 by @planetf1 in #1805
Full Changelog: 0.10.0...0.10.1-rc1
0.10.0
liboqs version 0.10.0
Release notes
This is version 0.10.0 of liboqs. It was released on March 20, 2024.
This release adds support for ML-KEM (previously known as CRYSTALS-Kyber) and ML-DSA (previously known as CRYSTALS-Dilithium), based on the initial public drafts of FIPS 203 and FIPS 204, respectively. OQS continues to support the NIST Round 3 versions of Kyber and Dilithium for interoperability purposes. This release additionally updates HQC to the NIST Round 4 version and adds support for fixed-length Falcon signatures.
What's New
This release continues from the 0.9.2 release of liboqs.
Key encapsulation mechanisms
- BIKE: Updated portable C implementation to include constant-time fixes from upstream.
- HQC: Updated to NIST Round 4 version.
- ML-KEM: Added portable C and AVX2 implementations of Initial Public Draft (IPD) versions of ML-KEM-512, ML-KEM-768, and ML-KEM-1024.
Digital signature schemes
- Falcon: Updated portable C, AVX2, and AArch64 implementations to support fixed-length (PADDED-format) signatures. Fixed the maximum length of variable-length signatures to comply with the NIST Round 3 specification.
- ML-DSA: Added portable C and AVX2 implementations of Initial Public Draft (IPD) versions of ML-DSA-44, ML-DSA-65, and ML-DSA-87.
Other changes
- Improved thread safety.
- Added uninstall support via ninja uninstall.
- Documented platforms by support tier in PLATFORMS.md.
- Added support for Zephyr RTOS.
- Improved support for macOS on Apple Silicon.
- Removed support for the "NIST-KAT" DRBG.
- Added extended KAT test programs.
Detailed changelog
- PR template update & OpenSSL clarification by @baentsch in #1582
- Use CMAKE_USE_PTHREADS_INIT by @zxjtan in #1576
- Add section to CONFIGURE.md link by @iyanmv in #1578
- Run copy_from_upstream and test by @baentsch in #1589
- Support several pqclean upstream versions by @baentsch in #1595
- Call Keccak_(X4_)Dispatch with pthread_once by @zxjtan in #1549
- minor updates by @vsoftco in #1600
- Pull new HQC implementation from upstream by @SWilson4 in #1585
- add uninstall support by @baentsch in #1604
- Ensure generic OQS_OPT_TARGET in weekly CT tests by @SWilson4 in #1618
- update .travis.yml by @bhess in #1629
- Pull latest Kyber version from upstream by @bhess in #1631
- platform support documentation [skip ci] by @baentsch in #1605
- Add support for Zephyr RTOS by @Frauschi in #1621
- Apply patch to Kyber aarch64 code from PQClean for variable-time division issue. by @bhess in #1636
- Fix BIKE constant-time errors by @SWilson4 in #1632
- Fix falcon constant time check in Valgrind by @cothan in #1646
- Correct cmake version requirement by @baentsch in #1643
- Pull Kyber division fixes from PQ-Crystals into main by @praveksharma in #1649
- Bump gitpython from 3.1.37 to 3.1.41 in /scripts/copy_from_upstream by @dependabot in #1659
- Zephyr: fixes for platform support by @Frauschi in #1658
- Bump jinja2 from 2.11.3 to 3.1.3 in /scripts/copy_from_upstream by @dependabot in #1661
- Riscv zephyr support by @trigpolynom in #1641
- Zephyr: CMake fixes by @Frauschi in #1664
- Clarify that copyright is held by authors and not the project itself [skip ci] by @dstebila in #1668
- Make internal API available to (only) test programs by @SWilson4 in #1667
- Remove reference to old BIKE variants from CONFIGURE.md [skip ci] by @SWilson4 in #1669
- Add a document describing our subproject governance by @dstebila in #1675
- Set the correct compile flag for the memory sanitizer build by @SWilson4 in #1680
- Test against all 100 KAT values by @SWilson4 in #1560
- Update BIKE documentation to exclude x86 by @SWilson4 in #1679
- find_package(Threads) regardless of BUILD_ONLY_LIB by @zxjtan in #1653
- Call set_available_cpu_extensions using pthread_once by @zxjtan in #1671
- Discontinue AppVeyor CI testing by @SWilson4 in #1682
- Run oqs-provider release tests in CI on release candidate branches by @SWilson4 in #1654
- Fix link in GOVERNANCE.md by @Martyrshot in #1686
- Rename weekly runs and skip Falcon-1024 [skip ci] by @SWilson4 in #1684
- Update McEliece suppression files for generic config by @SWilson4 in #1677
- Update SPHINCS+ "clean" suppression files by @SWilson4 in #1683
- Update Sphincs+ Markdown documentation from YAML by @SWilson4 in #1690
- properly document release support level [skip ci] by @baentsch in #1688
- set(OQS_USE_PTHREADS OFF) on MinGW/Cygwin by @zxjtan in #1695
- Fix cross compilation and test in CI by @SWilson4 in #1696
- update brew install instructions to use openssl@3 instead of openssl@1.1.1 [skip ci] by @Martyrshot in #1701
- Add ML-DSA-ipd and ML-KEM-ipd & NIST supplied test vectors by @bhess in #1626
- Small fixes after adding ML-* by @bhess in #1702
- Move MacOS CI tests to GitHub Actions; add M1 CI tests by @SWilson4 in #1709
- Update liboqs readme to point to oqs-provider instead of deprecated openssl1.1.1 fork [skip ci] by @Martyrshot in #1699
- Fix for the Zephyr CI tests by @Frauschi in #1714
- remove references to unsupported openssh [skip ci] by @baentsch in #1713
- fix documentation generation by @baentsch in #1715
- Support Falcon PADDED format by @SWilson4 in #1710
- Fix for alg_support.cmake by @bhess in https://git...
liboqs version 0.10.0 release candidate 2
liboqs version 0.10.0-rc2
Release notes
This is release candidate 2 of version 0.10.0 of liboqs. It was released on March 13, 2024.
This release adds support for ML-KEM (previously known as CRYSTALS-Kyber) and ML-DSA (previously known as CRYSTALS-Dilithium), based on the initial public drafts of FIPS 203 and FIPS 204, respectively. OQS continues to support the NIST Round 3 versions of Kyber and Dilithium for interoperability purposes. This release additionally updates HQC to the NIST Round 4 version and adds support for fixed-length Falcon signatures.
What's New
This release continues from the 0.9.2 release of liboqs.
Key encapsulation mechanisms
- BIKE: Updated portable C implementation to include constant-time fixes from upstream.
- HQC: Updated to NIST Round 4 version.
- ML-KEM: Added portable C and AVX2 implementations of Initial Public Draft (IPD) versions of ML-KEM-512, ML-KEM-768, and ML-KEM-1024.
Digital signature schemes
- Falcon: Updated portable C, AVX2, and AArch64 implementations to support fixed-length (PADDED-format) signatures. Fixed the maximum length of variable-length signatures to comply with the NIST Round 3 specification.
- ML-DSA: Added portable C and AVX2 implementations of Initial Public Draft (IPD) versions of ML-DSA-44, ML-DSA-65, and ML-DSA-87.
Other changes
- Improved thread safety.
- Added uninstall support via ninja uninstall.
- Documented platforms by support tier in PLATFORMS.md.
- Added support for Zephyr RTOS.
- Improved support for macOS on Apple Silicon.
- Removed support for the "NIST-KAT" DRBG.
- Added extended KAT test programs.
Detailed changelog
- PR template update & OpenSSL clarification by @baentsch in #1582
- Use CMAKE_USE_PTHREADS_INIT by @zxjtan in #1576
- Add section to CONFIGURE.md link by @iyanmv in #1578
- Run copy_from_upstream and test by @baentsch in #1589
- Support several pqclean upstream versions by @baentsch in #1595
- Call Keccak_(X4_)Dispatch with pthread_once by @zxjtan in #1549
- minor updates by @vsoftco in #1600
- Pull new HQC implementation from upstream by @SWilson4 in #1585
- add uninstall support by @baentsch in #1604
- Ensure generic OQS_OPT_TARGET in weekly CT tests by @SWilson4 in #1618
- update .travis.yml by @bhess in #1629
- Pull latest Kyber version from upstream by @bhess in #1631
- platform support documentation [skip ci] by @baentsch in #1605
- Add support for Zephyr RTOS by @Frauschi in #1621
- Apply patch to Kyber aarch64 code from PQClean for variable-time division issue. by @bhess in #1636
- Fix BIKE constant-time errors by @SWilson4 in #1632
- Fix falcon constant time check in Valgrind by @cothan in #1646
- Correct cmake version requirement by @baentsch in #1643
- Pull Kyber division fixes from PQ-Crystals into main by @praveksharma in #1649
- Bump gitpython from 3.1.37 to 3.1.41 in /scripts/copy_from_upstream by @dependabot in #1659
- Zephyr: fixes for platform support by @Frauschi in #1658
- Bump jinja2 from 2.11.3 to 3.1.3 in /scripts/copy_from_upstream by @dependabot in #1661
- Riscv zephyr support by @trigpolynom in #1641
- Zephyr: CMake fixes by @Frauschi in #1664
- Clarify that copyright is held by authors and not the project itself [skip ci] by @dstebila in #1668
- Make internal API available to (only) test programs by @SWilson4 in #1667
- Remove reference to old BIKE variants from CONFIGURE.md [skip ci] by @SWilson4 in #1669
- Add a document describing our subproject governance by @dstebila in #1675
- Set the correct compile flag for the memory sanitizer build by @SWilson4 in #1680
- Test against all 100 KAT values by @SWilson4 in #1560
- Update BIKE documentation to exclude x86 by @SWilson4 in #1679
- find_package(Threads) regardless of BUILD_ONLY_LIB by @zxjtan in #1653
- Call set_available_cpu_extensions using pthread_once by @zxjtan in #1671
- Discontinue AppVeyor CI testing by @SWilson4 in #1682
- Run oqs-provider release tests in CI on release candidate branches by @SWilson4 in #1654
- Fix link in GOVERNANCE.md by @Martyrshot in #1686
- Rename weekly runs and skip Falcon-1024 [skip ci] by @SWilson4 in #1684
- Update McEliece suppression files for generic config by @SWilson4 in #1677
- Update SPHINCS+ "clean" suppression files by @SWilson4 in #1683
- Update Sphincs+ Markdown documentation from YAML by @SWilson4 in #1690
- properly document release support level [skip ci] by @baentsch in #1688
- set(OQS_USE_PTHREADS OFF) on MinGW/Cygwin by @zxjtan in #1695
- Fix cross compilation and test in CI by @SWilson4 in #1696
- update brew install instructions to use openssl@3 instead of openssl@1.1.1 [skip ci] by @Martyrshot in #1701
- Add ML-DSA-ipd and ML-KEM-ipd & NIST supplied test vectors by @bhess in #1626
- Small fixes after adding ML-* by @bhess in #1702
- Move MacOS CI tests to GitHub Actions; add M1 CI tests by @SWilson4 in #1709
- Update liboqs readme to point to oqs-provider instead of deprecated openssl1.1.1 fork [skip ci] by @Martyrshot in #1699
- Fix for the Zephyr CI tests by @Frauschi in #1714
- remove references to unsupported openssh [skip ci] by @baentsch in #1713
- fix documentation generation by @baentsch in #1715
- Support Falcon PADDED format by @SWilson4 in #1710
- Fix for alg_su...
0.10.0 release candidate 1
liboqs version 0.10.0-rc1
Release notes
This is release candidate 1 of version 0.10.0 of liboqs. It was released on March 8, 2024.
This release adds support for ML-KEM (previously known as CRYSTALS-Kyber) and ML-DSA (previously known as CRYSTALS-Dilithium), based on the initial public drafts of FIPS 203 and FIPS 204, respectively. OQS continues to support the NIST Round 3 versions of Kyber and Dilithium for interoperability purposes. This release additionally updates HQC to the NIST Round 4 version and adds support for fixed-length Falcon signatures.
What's New
This release continues from the 0.9.2 release of liboqs.
Key encapsulation mechanisms
- BIKE: Updated portable C implementation to include constant-time fixes from upstream.
- HQC: Updated to NIST Round 4 version.
- ML-KEM: Added portable C and AVX2 implementations of Initial Public Draft (IPD) versions of ML-KEM-512, ML-KEM-768, and ML-KEM-1024.
Digital signature schemes
- Falcon: Updated portable C, AVX2, and AArch64 implementations to support fixed-length (PADDED-format) signatures. Fixed the maximum length of variable-length signatures to comply with the NIST Round 3 specification.
- ML-DSA: Added portable C and AVX2 implementations of Initial Public Draft (IPD) versions of ML-DSA-44, ML-DSA-65, and ML-DSA-87.
Other changes
- Improved thread safety.
- Added uninstall support via ninja uninstall.
- Documented platforms by support tier in PLATFORMS.md.
- Added support for Zephyr RTOS.
- Improved support for macOS on Apple Silicon.
- Removed support for the "NIST-KAT" DRBG.
- Added extended KAT test programs.
Detailed changelog
- PR template update & OpenSSL clarification by @baentsch in #1582
- Use CMAKE_USE_PTHREADS_INIT by @zxjtan in #1576
- Add section to CONFIGURE.md link by @iyanmv in #1578
- Run copy_from_upstream and test by @baentsch in #1589
- Support several pqclean upstream versions by @baentsch in #1595
- Call Keccak_(X4_)Dispatch with pthread_once by @zxjtan in #1549
- minor updates by @vsoftco in #1600
- Pull new HQC implementation from upstream by @SWilson4 in #1585
- add uninstall support by @baentsch in #1604
- Ensure generic OQS_OPT_TARGET in weekly CT tests by @SWilson4 in #1618
- update .travis.yml by @bhess in #1629
- Pull latest Kyber version from upstream by @bhess in #1631
- platform support documentation [skip ci] by @baentsch in #1605
- Add support for Zephyr RTOS by @Frauschi in #1621
- Apply patch to Kyber aarch64 code from PQClean for variable-time division issue. by @bhess in #1636
- Fix BIKE constant-time errors by @SWilson4 in #1632
- Fix falcon constant time check in Valgrind by @cothan in #1646
- Correct cmake version requirement by @baentsch in #1643
- Pull Kyber division fixes from PQ-Crystals into main by @praveksharma in #1649
- Bump gitpython from 3.1.37 to 3.1.41 in /scripts/copy_from_upstream by @dependabot in #1659
- Zephyr: fixes for platform support by @Frauschi in #1658
- Bump jinja2 from 2.11.3 to 3.1.3 in /scripts/copy_from_upstream by @dependabot in #1661
- Riscv zephyr support by @trigpolynom in #1641
- Zephyr: CMake fixes by @Frauschi in #1664
- Clarify that copyright is held by authors and not the project itself [skip ci] by @dstebila in #1668
- Make internal API available to (only) test programs by @SWilson4 in #1667
- Remove reference to old BIKE variants from CONFIGURE.md [skip ci] by @SWilson4 in #1669
- Add a document describing our subproject governance by @dstebila in #1675
- Set the correct compile flag for the memory sanitizer build by @SWilson4 in #1680
- Test against all 100 KAT values by @SWilson4 in #1560
- Update BIKE documentation to exclude x86 by @SWilson4 in #1679
- find_package(Threads) regardless of BUILD_ONLY_LIB by @zxjtan in #1653
- Call set_available_cpu_extensions using pthread_once by @zxjtan in #1671
- Discontinue AppVeyor CI testing by @SWilson4 in #1682
- Run oqs-provider release tests in CI on release candidate branches by @SWilson4 in #1654
- Fix link in GOVERNANCE.md by @Martyrshot in #1686
- Rename weekly runs and skip Falcon-1024 [skip ci] by @SWilson4 in #1684
- Update McEliece suppression files for generic config by @SWilson4 in #1677
- Update SPHINCS+ "clean" suppression files by @SWilson4 in #1683
- Update Sphincs+ Markdown documentation from YAML by @SWilson4 in #1690
- properly document release support level [skip ci] by @baentsch in #1688
- set(OQS_USE_PTHREADS OFF) on MinGW/Cygwin by @zxjtan in #1695
- Fix cross compilation and test in CI by @SWilson4 in #1696
- update brew install instructions to use openssl@3 instead of openssl@1.1.1 [skip ci] by @Martyrshot in #1701
- Add ML-DSA-ipd and ML-KEM-ipd & NIST supplied test vectors by @bhess in #1626
- Small fixes after adding ML-* by @bhess in #1702
- Move MacOS CI tests to GitHub Actions; add M1 CI tests by @SWilson4 in #1709
- Update liboqs readme to point to oqs-provider instead of deprecated openssl1.1.1 fork [skip ci] by @Martyrshot in #1699
- Fix for the Zephyr CI tests by @Frauschi in #1714
- remove references to unsupported openssh [skip ci] by @baentsch in #1713
- fix documentation generation by @baentsch in #1715
- Support Falcon PADDED format by @SWilson4 in #1710
- Fix for alg_sup...
liboqs version 0.9.2
Release notes
This is version 0.9.2 of liboqs. It was released on January 16, 2024.
This release is a security release which fixes potential non-constant-time behaviour in Kyber based on pq-crystals/kyber@272125f.
What's New
This release continues from the 0.9.1 release of liboqs.
Key encapsulation mechanisms
- Kyber: C, AVX2, and aarch64 implementations updated
Detailed changelog
- Pull Kyber division fixes from PQ-Crystals into dev-092 by @praveksharma in #1652
Full Changelog: 0.9.1...0.9.2