Open Source Software Libraries and Organizations working to future proof security of data
This blog post provides essential resources for security professionals and software developers looking to secure data in the post-quantum era. It highlights key organizations such as NIST, the Linux Foundation, and the Post-Quantum Cryptography Alliance, which are leading efforts in quantum-resistant cryptography. Additionally, it introduces open-source libraries that facilitate the implementation of quantum-safe encryption algorithms, offering practical tools for integrating cutting-edge security measures into your systems.
NIST Post-Quantum Cryptography Research
The NIST Post-Quantum Cryptography project focuses on developing and standardizing cryptographic algorithms that are secure against the threats posed by quantum computing. This initiative aims to identify and endorse new cryptographic algorithms that can protect data and communications in a future where quantum computers might break current encryption methods. The project involves a multi-phase process, including a public evaluation and selection process to ensure that the chosen algorithms are both secure and practical for widespread use. NIST’s goal is to establish new standards for cryptography that will ensure data security well into the future.
Main webpage: https://csrc.nist.gov/projects/post-quantum-cryptography
NIST Released Three Post-Quantum Encryption Standards
After 8 years of work, the National Institute of Standards and Technology (NIST) has released its first three finalized post-quantum encryption standards, marking a significant step in securing data against future quantum computing threats. These standards include algorithms designed to protect digital information from being compromised by quantum computers, which have the potential to break traditional encryption methods. The new standards are intended to ensure long-term data security and support the transition to quantum-resistant cryptographic systems.
Main webpage: The announcement page
Following are links to the finalized standards:
- FIPS 203 – Module-Lattice-Based Key-Encapsulation Mechanism Standard
- FIPS 204 – Module-Lattice-Based Digital Signature Standard
- FIPS 205 – Stateless Hash-Based Digital Signature Standard
OpenQuantum Safe
The Open Quantum Safe (OQS) project is dedicated to developing and promoting quantum-resistant cryptographic algorithms and tools to safeguard data against the potential threats posed by quantum computing. It provides an open-source platform for the research and implementation of cryptographic algorithms that are resistant to quantum attacks. The OQS project aims to advance the security of information systems by offering resources, software libraries, and a community-driven approach to integrating quantum-safe algorithms into existing security frameworks.
- Main website: https://openquantumsafe.org
- Github page: https://github.com/open-quantum-safe
Post Quantum Cryptography Alliance
The Post-Quantum Cryptography Consortium (PQCA) is focused on advancing the adoption and development of cryptographic systems that are secure against the potential threats posed by quantum computing. The consortium collaborates with industry leaders, researchers, and institutions to facilitate the transition to quantum-resistant cryptographic algorithms. It provides resources, guidelines, and support to help organizations implement and evaluate post-quantum cryptographic solutions, ensuring robust security in a future where quantum computers could compromise current encryption methods.
- Main website: https://pqca.org
- Github page: https://github.com/pqca
Open Quantum Safe provider for OpenSSL
The OQS Provider on GitHub is an open-source project that integrates quantum-safe cryptographic algorithms into the Open Quantum Safe (OQS) framework, such as OpenSSL. It provides a modular interface for incorporating post-quantum cryptographic algorithms into existing cryptographic libraries and systems. The OQS Provider enables developers to test and deploy quantum-resistant algorithms by offering an implementation of these algorithms as a provider for cryptographic operations. The project aims to facilitate the evaluation and adoption of quantum-safe cryptography within various software environments.
- Github page: https://github.com/open-quantum-safe/oqs-provider
- Github page liboqs: https://github.com/open-quantum-safe/liboqs
Summary
The post highlights essential resources for security professionals and software developers to secure data in the post-quantum era. It mentions key organizations such as NIST, the Linux Foundation, and the Post-Quantum Cryptography Alliance (PQCA), which are leading efforts in quantum-resistant cryptography. The blog also introduces open-source libraries that facilitate the implementation of quantum-safe encryption algorithms, including Open Quantum Safe (OQS) and its provider for OpenSSL. Specifically, it notes NIST’s release of three post-quantum encryption standards, FIPS 203-205, and provides links to these standards. Additionally, it summarizes OQS as an open-source project dedicated to developing and promoting quantum-resistant cryptographic algorithms and tools, and PQCA as a consortium focused on advancing the adoption and development of cryptographic systems secure against quantum threats.