About
The Open Quantum Safe (OQS) project has the goal of developing and prototyping quantum-resistant cryptography. More information on OQS can be found on our website: https://openquantumsafe.org/ and on Github at https://github.com/open-quantum-safe/.
liboqs is an open source C library for quantum-resistant cryptographic algorithms.
OQS-OpenSSH is an integration of liboqs into (a fork of) OpenSSH. The goal of this integration is to provide easy prototyping of quantum-resistant cryptography. The integration should not be considered "production quality".
Release notes
This is the 2024-08 snapshot release of OQS-OpenSSH, released on August 30, 2024. This release is intended to be used with liboqs version 0.10.1.
What's New
This is the eighth snapshot release of the OQS fork of OpenSSH. It is based on OpenSSH 9.7 portable 1.
- Updated fork to track upstream OpenSSH 9.7.
- Update algorithm list in line with
liboqs
v0.10.1.- Introduces generic support for ML-KEM-IPD, ML-DSA-IPD, SNTRUP, BIKEr4, MAYO, and Falcon (Padded).
- Support for ML-KEM and ML-DSA is provided using a
liboqs
alias which will update from the IPD versions to the final FIPS-203 and FIPS-204 standards when they are available in the underlyingliboqs
.
- Added support for x25519 hybrid key exchange algorithms.
- Working interop support for
[email protected]
key exchange. - Working interop support for
[email protected]
key exchange.
- Working interop support for
- Support for all ML-KEM based hybrid key exchanges in https://datatracker.ietf.org/doc/draft-kampanakis-curdle-ssh-pq-ke/
mlkem768nistp256-sha256
,mlkem1024nistp384-sha384
,mlkem768x25519-sha256
- For the
0.10.1
release ofliboqs
, these will be backed by the IPD versions of the algorithm.
- Migrated from CircleCI to Github Actions.
Detailed changelog
Full Changelog: OQS-OpenSSH-snapshot-2023-10...OQS-OpenSSH-snapshot-2024-08
Full Changelog (Omitting upstream merge): ac7c26b...b89166e