0.10.1 release candidate 1
liboqs version 0.10.1-rc1 (pre-release)
About
The Open Quantum Safe (OQS) project has the goal of developing and prototyping quantum-resistant cryptography. More information on OQS can be found on our website: https://openquantumsafe.org/ and on GitHub at https://github.com/open-quantum-safe/.
liboqs is an open source C library for quantum-resistant cryptographic algorithms. Details about liboqs can be found in README.md. See in particular limitations on intended use.
liboqs can be used with the following Open Quantum Safe application integrations:
- oqs-provider: A standalone prototype OpenSSL 3 provider enabling liboqs-based quantum-safe and hybrid key authentication and exchange for TLS 1.3, X.509 certificate generation and CMS operations.
- OQS-BoringSSL: A prototype integration of liboqs-based authentication and key exchange into TLS 1.3 in our fork of BoringSSL; see https://github.com/open-quantum-safe/boringssl.
- OQS-OpenSSH: A prototype integration of liboqs-based authentication and key exchange into Secure Shell (SSH) version 2 in our fork of OpenSSH; see https://github.com/open-quantum-safe/openssh.
Several demos are available for using the above libraries in applications, including Apache, Chromium, curl, haproxy, nginx, and Wireshark. Performance of liboqs in several settings is measured at https://openquantumsafe.org/benchmarking/.
liboqs can also be used in the following programming languages via language-specific wrappers:
- C++, via https://github.com/open-quantum-safe/liboqs-cpp
- Go, via https://github.com/open-quantum-safe/liboqs-go
- Java, via https://github.com/open-quantum-safe/liboqs-java
- .NET, via https://github.com/open-quantum-safe/liboqs-dotnet
- Python 3, via https://github.com/open-quantum-safe/liboqs-python
- Rust, via https://github.com/open-quantum-safe/liboqs-rust
Release notes
This is release candidate 1 of version 0.10.1 of liboqs. It was released on June 5, 2024.
This release is a security release which fixes potential non-constant-time behaviour in ML-KEM and Kyber based on pq-crystals/kyber@0264efa and pq-crystals/kyber@9b8d306. It also includes a fix for incorrectly named macros in the ML-DSA implementation.
What's New
This release continues from the 0.10.0 release of liboqs.
Key encapsulation mechanisms
- Kyber: portable C and AVX2 implementations updated
- ML-KEM: portable C and AVX2 implementations updated
Digital signature schemes
- ML-DSA: incorrectly named macros renamed
Detailed changelog
- switching to dev mode again by @baentsch in #1743
- Update README.md by @vsoftco in #1769
- Fix README.md to work with Doxygen release 1.10.0 by @praveksharma in #1775
- Fix for incorrect macros in signatures. by @bhess in #1799
- Pull Kyber/ML-KEM CT-Fix from upstream by @bhess
- Force gcc 13.2.0 over 13.3.0 by @planetf1 in #1805
Full Changelog: 0.10.0...0.10.1-rc1