OpenSSL, a strong start

“... reminds me of climate change: We have the means, we simply need to implement them. The question is whether we choose to do so in time.”

Welcome!

Hello and welcome to the premier post of Ready for Q-day! Here I shall present the latest developments, and tools in the race to upgrade the world's data encryption in time to prevent quantum computers sharing data with people who shouldn't have it.

There will be time for gory technical details later but why don't we start with something that already has the post-quantum cryptography world buzzing? I am referring to the latest version of OpenSSL, version 3.5 expected on April 8, being the first to offer the post-quantum encryption methods recommended by the ASD and NIST from August of last year. Those are

• Module Lattice - Key Encapsulation Method (ML-KEM)

• Module Lattice - Digital Signature Algorithm (ML-DSA)

• StateLess Hash-based - Digital Signature Algorithm (SLH-DSA)

The first is for use in key exchange while the other two are intended for digital signatures.

With OpenSSL being the most widely used encryption library, including by Microsoft Office products, this development will help many bring their encryption up to post-quantum standard and greatly facilitate the use of post-quantum cryptography as standard.

The situation now reminds me of climate change: We have the means, we simply need to implement them. The question is whether we choose to do so in time.

[1] https://billatnapier.medium.com/xmas-coming-early-openssl-finally-enters-a-quantum-world-8ae3f821ed7d

[2] https://github.com/openssl/openssl