03 Jul 21:50

OQS-OpenSSL_1_1_1-stable snapshot 2023-07

About

The Open Quantum Safe (OQS) project has the goal of developing and prototyping quantum-resistant cryptography. More information on OQS can be found on our website: https://openquantumsafe.org/ and on Github at https://github.com/open-quantum-safe/.

liboqs is an open source C library for quantum-resistant cryptographic algorithms.

open-quantum-safe/openssl is an integration of liboqs into (a fork of) OpenSSL. The goal of this integration is to provide easy prototyping of quantum-resistant cryptography in TLS 1.3, X.509 certificates, CMS, and S/MIME. The integration should not be considered "production quality".

Release notes

This is the 2023-07 snapshot release of OQS-OpenSSL, which was released on July 3, 2023. This release is intended to be used with liboqs version 0.8.0.

END OF LIFE NOTICE

As the OpenSSL team has announced that OpenSSL 1.1.1 will reach end of life in September 2023, this release is intended to be the final release of OQS-OpenSSL_1_1_1-stable. Users are recommended to migrate to OpenSSL 3 and make use of the OQS Provider which provides full post-quantum support in OpenSSL 3.

What's New

This is the tenth snapshot release of OQS-OpenSSL_1_1_1-stable. It is based on OpenSSL 1.1.1u.

Update OpenSSL to version 1.1.1u.
Key encapsulation mechanism algorithm changes:
- BIKE: updated to Round 4 version.
- Kyber: 90s variants were removed.
- NTRU Prime: All variants were removed.
- Saber: removed.
Digital signature scheme algorithm changes:
- Dilithium; AES variants were removed.
- Falcon: updated to the 2023-02-07 version.
- Picnic: removed.
- Rainbow: removed.
- SPHINCS+: updated to version 3.1; SPHINCS+-Haraka variants were removed; SPHINCS+-SHA256 and SPHINCS+-SHAKE variants were renamed
Update OIDs and TLS key exchange code points

Detailed changelog

documentation generator fix by @baentsch in #394
Upstream 1.1.1s by @baentsch in #407
removing Picnic,NTRUprime,Rainbow,Saber by @baentsch in #411
adds IDs for proper wireshark sigalg dissection by @baentsch in #412
Updated upstream tag reference to 1.1.1s. by @christianpaquin in #414
Removed NTRU. by @xvzcf in #415
remove boringssl interop by @baentsch in #417
change sphincs variant enablement by @baentsch in #425
Upgrade to upstream 1.1.1t by @baentsch in #430
(O)ID update for BIKE and Falcon using oqs-provider template by @baentsch in #438
version and build instruction update by @baentsch in #443
Algorithm & ID updates by @baentsch in #447
Merged 1.1.1u by @christianpaquin in #453
Code point documentation update by @baentsch in #458
Updated generate.yml to support liboqs 0.8.0 algorithm changes by @crt26 in #456

New Contributors

@crt26 made their first contribution in #456

Full Changelog: OQS-OpenSSL-1_1_1-stable-snapshot-2022-08...OQS-OpenSSL-1_1_1-stable-snapshot-2023-07

Contributors

christianpaquin, xvzcf, and 2 other contributors

Assets 2

24 Aug 04:42

baentsch

OQS-OpenSSL-1_1_1-stable-snapshot-2022-08

a147a0b

OQS-OpenSSL_1_1_1-stable snapshot 2022-08

About

liboqs is an open source C library for quantum-resistant cryptographic algorithms.

Release notes

This is the 2022-08 snapshot release of OQS-OpenSSL, which was released on August 23, 2022. This release is intended to be used with liboqs version 0.7.2.

What's New

This is the ninth snapshot release of OQS-OpenSSL_1_1_1-stable. It is based on OpenSSL 1.1.1q.

Update OpenSSL to version 1.1.1q.
Remove support for Rainbow level 1 and SIKE/SIDH.
Adding support for setting default client KEM algorithms via TLS_DEFAULT_GROUPS environment variable.

Previous release notes

OQS-OpenSSL 1.1.1 snapshot 2022-01, based on OpenSSL 1.1.1m, aligned with liboqs 0.7.1 (January 6, 2022)
OQS-OpenSSL 1.1.1 snapshot 2021-08, based on OpenSSL 1.1.1k, aligned with liboqs 0.7.0 (August 11, 2021)
OQS-OpenSSL 1.1.1 snapshot 2021-03, based on OpenSSL 1.1.1k, aligned with liboqs 0.5.0 (March 26, 2021)
OQS-OpenSSL 1.1.1 snapshot 2020-08, based on OpenSSL 1.1.1g, aligned with liboqs 0.4.0 (August 11, 2020)
OQS-OpenSSL 1.1.1 snapshot 2020-07, based on OpenSSL 1.1.1g, aligned with liboqs 0.3.0 (July 10, 2020)
OQS-OpenSSL 1.1.1 snapshot 2019-10, based on OpenSSL 1.1.1d, aligned with liboqs 0.2.0 (October 8, 2019)
OQS-OpenSSL 1.1.1 snapshot 2018-11, based on OpenSSL 1.1.1, aligned with liboqs 0.1.0 (November 13, 2018)

Detailed changelog

more explanation pointers for NIST levels [skip ci] by @baentsch in #350
adding TLS_DEFAULT_GROUPS env var by @baentsch in #354
Updating interop test suite for BoringSSL update. by @xvzcf in #355
generalize openssl install regarding liboqs lib location by @baentsch in #358
fix out of source build by @baentsch in #359
1.1.1n merge by @baentsch in #361
merge with upstream 1.1.1o by @baentsch in #370
openssl test cert update by @baentsch in #373
Upstream 111p merge by @baentsch in #375
upstream 111q merge by @baentsch in #377
re-run generator for corrected dilithium2 level by @baentsch in #381
remove RainbowI by @baentsch in #382
remove SIDH/SIKE by @baentsch in #383
trigger CI also on main branch by @baentsch in #386
fix liboqs.so.version install by @baentsch in #387

Full Changelog: OQS-OpenSSL_1_1_1-stable-snapshot-2022-01...OQS-OpenSSL-1_1_1-stable-snapshot-2022-08

Contributors

xvzcf and baentsch

Assets 2

06 Jan 18:04

dstebila

OQS-OpenSSL-1_1_1-stable-snapshot-2022-01

35cb2b7

OQS-OpenSSL_1_1_1-stable snapshot 2022-01

About

liboqs is an open source C library for quantum-resistant cryptographic algorithms.

Release notes

This is the 2022-01 snapshot release of OQS-OpenSSL. The release candidate was released on January 6, 2022. This release is intended to be used with liboqs version 0.7.1.

What's New

This is the eighth snapshot release of OQS-OpenSSL_1_1_1-stable. It is based on OpenSSL 1.1.1m.

Update OpenSSL to version 1.1.1m.
Add support for NTRU and NTRU Prime level 5 KEMs.

Previous release notes

OQS-OpenSSL 1.1.1 snapshot 2021-08, based on OpenSSL 1.1.1k, aligned with liboqs 0.7.0 (August 11, 2021)
OQS-OpenSSL 1.1.1 snapshot 2021-03, based on OpenSSL 1.1.1k, aligned with liboqs 0.5.0 (March 26, 2021)
OQS-OpenSSL 1.1.1 snapshot 2020-08, based on OpenSSL 1.1.1g, aligned with liboqs 0.4.0 (August 11, 2020)
OQS-OpenSSL 1.1.1 snapshot 2020-07, based on OpenSSL 1.1.1g, aligned with liboqs 0.3.0 (July 10, 2020)
OQS-OpenSSL 1.1.1 snapshot 2019-10, based on OpenSSL 1.1.1d, aligned with liboqs 0.2.0 (October 8, 2019)
OQS-OpenSSL 1.1.1 snapshot 2018-11, based on OpenSSL 1.1.1, aligned with liboqs 0.1.0 (November 13, 2018)

Detailed changelog

Update to OpenSSL 1.1.1l by @dstebila in #330
adding ntrup1277 by @baentsch in #334
ntru1229 by @baentsch in #336
OSSL ID registry by @baentsch in #340
adding M1 build instruction [skip ci] by @baentsch in #342
simplify documentation [skip ci] by @baentsch in #345
Merging OpenSSL 1.1.1m by @baentsch in #346

Full Changelog: OQS-OpenSSL_1_1_1-stable-snapshot-2021-08...OQS-OpenSSL-1_1_1-stable-snapshot-2022-01

Contributors

dstebila and baentsch

Assets 2

11 Aug 21:25

dstebila

OQS-OpenSSL_1_1_1-stable-snapshot-2021-08

26fc2b2

OQS-OpenSSL_1_1_1-stable snapshot 2021-08

About

liboqs is an open source C library for quantum-resistant cryptographic algorithms.

Release notes

This is the 2021-08 snapshot release of OQS-OpenSSL, which was released on August 11, 2021. This release is intended to be used with liboqs version 0.7.0.

What's New

This is the sixth snapshot release of OQS-OpenSSL_1_1_1-stable. It is based on OpenSSL 1.1.1k.

Updates algorithms to those used in liboqs 0.7.0, as described in the liboqs release notes.
Improves signing support with different digest algorithms
Enables building OQS-OpenSSL for UEFI/EDKII (contributed by Jiewen Yao, Intel)
Improved documentation of algorithm identifiers

Previous release notes

OQS-OpenSSL 1.1.1 snapshot 2021-03 aligned with liboqs 0.5.0 (March 26, 2021)
OQS-OpenSSL 1.1.1 snapshot 2020-08 aligned with liboqs 0.4.0 (August 11, 2020)
OQS-OpenSSL 1.1.1 snapshot 2020-07 aligned with liboqs 0.3.0 (July 10, 2020)
OQS-OpenSSL 1.1.1 snapshot 2019-10 aligned with liboqs 0.2.0 (October 8, 2019)
OQS-OpenSSL 1.1.1 snapshot 2018-11 aligned with liboqs 0.1.0 (November 13, 2018)

Assets 2

26 Mar 14:36

dstebila

OQS-OpenSSL_1_1_1-stable-snapshot-2021-03

7c899f5

OQS-OpenSSL_1_1_1-stable snapshot 2021-03

About

liboqs is an open source C library for quantum-resistant cryptographic algorithms.

Release notes

This is the 2021-03 snapshot release of OQS-OpenSSL, which was released on March 26, 2021. Its release page on GitHub is https://github.com/open-quantum-safe/openssl/releases/tag/OQS-OpenSSL_1_1_1-stable-snapshot-2021-03. This release is intended to be used with liboqs version 0.5.0.

What's New

This is the fifth snapshot release of OQS-OpenSSL_1_1_1-stable. It is based on OpenSSL 1.1.1k.

Removes algorithms from NIST PQC Round 2 that did not advance to Round 3: NewHope, ThreeBears, MQDSS, qTesla.
Updates algorithms to those used in liboqs 0.5.0, as described in the liboqs release notes.
Adds HQC, NTRUPrime.
Improvements to continuous integration testing and build process, including building of shared libraries.
Change format of hybrid key exchange in TLS 1.3 to follow https://tools.ietf.org/html/draft-ietf-tls-hybrid-design-01

Previous release notes

OQS-OpenSSL 1.1.1 snapshot 2020-08 aligned with liboqs 0.4.0 (August 11, 2020)
OQS-OpenSSL 1.1.1 snapshot 2020-07 aligned with liboqs 0.3.0 (July 10, 2020)
OQS-OpenSSL 1.1.1 snapshot 2019-10 aligned with liboqs 0.2.0 (October 8, 2019)
OQS-OpenSSL 1.1.1 snapshot 2018-11 aligned with liboqs 0.1.0 (November 13, 2018)

Assets 2

12 Aug 00:35

dstebila

OQS-OpenSSL_1_1_1-stable-snapshot-2020-08

3baf20a

OQS-OpenSSL_1_1_1-stable snapshot 2020-08

About

liboqs is an open source C library for quantum-resistant cryptographic algorithms.

Release notes

This is the 2020-08 snapshot release of OQS-OpenSSL, which was released on August 11, 2020. Its release page on GitHub is https://github.com/open-quantum-safe/openssl/releases/tag/OQS-OpenSSL_1_1_1-stable-snapshot-2020-08. This release is intended to be used with liboqs version 0.4.0.

What's New

This is the fourth snapshot release of OQS-OpenSSL_1_1_1-stable. It is based on OpenSSL 1.1.1g.

Uses the updated NIST Round 2 submissions added to liboqs 0.4.0, as described in the liboqs release notes.

Deprecations

As a result of NIST's announcement of Round 3 of the Post-Quantum Cryptography Standardization Project, this is the last release of OQS-OpenSSL that contain algorithms from Round 2 that are not Round 3 finalists or alternate candidates. Those algorithms will be removed in the next release. The algorithms in question are: NewHope, ThreeBears, MQDSS, and qTesla. These algorithms are considered deprecated within OQS-OpenSSL will receive no updates after this release.

Assets 2

10 Jul 19:30

dstebila

OQS-OpenSSL_1_1_1-stable-snapshot-2020-07

0a19000

OQS-OpenSSL_1_1_1-stable snapshot 2020-07

About

liboqs is an open source C library for quantum-resistant cryptographic algorithms.

Release notes

This is the 2020-07 snapshot release of OQS-OpenSSL, which was released on July 10, 2020. Its release page on GitHub is https://github.com/open-quantum-safe/openssl/releases/tag/OQS-OpenSSL_1_1_1-stable-snapshot-2020-07. This release is intended to be used with liboqs version 0.3.0.

What's New

This is the fourth snapshot release of OQS-OpenSSL_1_1_1-stable. It is based on OpenSSL 1.1.1g.

Uses the updated NIST Round 2 submissions added to liboqs 0.3.0, as described in the liboqs release notes.
Adds support for post-quantum signatures in S/MIME and CMS features of OQS-OpenSSL.
Adds post-quantum algorithms to OpenSSL's speed command.
Implements hybrid key exchange in TLS 1.3 in accordance with draft-ietf-tls-hybrid-design-00.
More reliable building and use of shared libraries.
Improves testing of post-quantum functionality, including interoperability with OQS-BoringSSL.

Assets 2

08 Oct 22:52

dstebila

OQS-OpenSSL_1_1_1-stable-snapshot-2019-10

27a8277

OQS-OpenSSL_1_1_1-stable snapshot 2019-10

About

liboqs is an open source C library for quantum-resistant cryptographic algorithms.

open-quantum-safe/openssl is an integration of liboqs into (a fork of) OpenSSL. The goal of this integration is to provide easy prototyping of quantum-resistant cryptography. The integration should not be considered "production quality".

This branch of our fork of OpenSSL aims to provide integration of post-quantum algorithms from liboqs into TLS 1.3 in OpenSSL 1.1.1.

This branch of our fork of OpenSSL can be used with the following versions of liboqs:

liboqs master branch 0.2.0

Release notes

This snapshot of the OQS fork of OpenSSL 1.1.1d (OQS-OpenSSL_1_1_1-stable) was released on October 8, 2019. Its release page on Github is https://github.com/open-quantum-safe/openssl/releases/tag/OQS-OpenSSL_1_1_1-stable-snapshot-2019-10.

What's New

This is the second snapshot release of OQS-OpenSSL_1_1_1-stable. It is based on the upstream OpenSSL 1.1.1d release.

This release adds hybrid (post-quantum + elliptic curve) authentication in TLS 1.3.

This release adds/updates post-quantum KEMs for TLS 1.3 key exchange and signature algorithms for TLS 1.3 authentication based on NIST Round 2 submissions. See the README.md file for the list of algorithms.

Previous releases of liboqs differentiated between "master branch" and "nist-branch", with nist-branch supporting more algorithms. liboqs nist-branch is no longer be developed or released, and this release of OQS-OpenSSL_1_1_1-stable only builds against liboqs master branch.

Future work

Snapshot releases of OQS-OpenSSL_1_1_1-stable will be made approximately bi-monthly. These will include syncing the branch with upstream releases of OpenSSL, and changes required to sync with new releases of liboqs.

Assets 2

08 Oct 22:51

dstebila

OQS-OpenSSL_1_0_2-stable-snapshot-2019-10

6e40dc7

OQS-OpenSSL_1_0_2-stable snapshot 2019-10

About

liboqs is an open source C library for quantum-resistant cryptographic algorithms.

open-quantum-safe/openssl is an integration of liboqs into (a fork of) OpenSSL. The goal of this integration is to provide easy prototyping of quantum-resistant cryptography. The integration should not be considered "production quality".

This branch of our fork of OpenSSL aims to provide integration of post-quantum algorithms from liboqs into TLS 1.2 in OpenSSL 1.0.2.

This branch of our fork of OpenSSL can be used with the following versions of liboqs:

liboqs master branch 0.2.0

Release notes

This snapshot of the OQS fork of OpenSSL 1.0.2t (OQS-OpenSSL_1_0_2-stable) was released on October 8, 2019. Its release page on Github is https://github.com/open-quantum-safe/openssl/releases/tag/OQS-OpenSSL_1_0_2-stable-snapshot-2019-10.

What's New

This is the fourth snapshot release of OQS-OpenSSL_1_0_2-stable.

This release syncs the fork with the upstream OpenSSL 1.0.2t release.

This release updates algorithms based on liboqs master 0.2.0, which has added and updated post-quantum KEMs based on NIST Round 2 submissions.

Future work

This is intended to be the last release of OQS-OpenSSL_1_0_2-stable. The OpenSSL project will stop supporting the OpenSSL 1.0.2 series as of January 1, 2020, so we will plan to discontinue releases of our fork of OpenSSL 1.0.2. Projects relying on post-quantum key exchange in TLS should switch to the OQS-OpenSSL_1_1_1-stable branch.

Assets 2

13 Nov 16:45

dstebila

OQS-OpenSSL_1_1_1-stable-snapshot-2018-11

6730529

OQS-OpenSSL_1_1_1-stable-snapshot-2018-11

OQS-OpenSSL_1_1_1-stable snapshot 2018-11

About

liboqs is an open source C library for quantum-resistant cryptographic algorithms.

open-quantum-safe/openssl is an integration of liboqs into (a fork of) OpenSSL. The goal of this integration is to provide easy prototyping of quantum-resistant cryptography. The integration should not be considered "production quality".

This branch of our fork of OpenSSL aims to provide integration of post-quantum algorithms from liboqs into TLS 1.3 in OpenSSL 1.1.1.

This branch of our fork of OpenSSL can be used with the following versions of liboqs:

liboqs master branch 0.1.0
liboqs nist-branch 2018-11 snapshot

Release notes

This snapshot of the OQS fork of OpenSSL 1.1.1 (OQS-OpenSSL_1_1_1-stable) was released on November 13, 2018. Its release page on Github is https://github.com/open-quantum-safe/openssl/releases/tag/OQS-OpenSSL_1_1_1-stable-snapshot-2018-11.

What's New

This is the first snapshot release of OQS-OpenSSL_1_1_1-stable.

It is based on the upstream OpenSSL 1.1.1 release.

It provides:

post-quantum key exchange in TLS 1.3
hybrid (post-quantum + elliptic curve) key exchange in TLS 1.3
post-quantum authentication in TLS 1.3

It can build against either liboqs master branch or liboqs nist-branch. If building against liboqs nist-branch, post-quantum authentication is not enabled.

Future work

Assets 2

Releases: open-quantum-safe/openssl