# liboqs

liboqs is a C library for quantum-safe cryptographic algorithms.

## Overview

The **Open Quantum Safe (OQS) project** has the goal of developing and prototyping quantum-resistant cryptography.

**liboqs** is an open source C library for quantum-safe cryptographic algorithms. liboqs initially focuses on key exchange algorithms. liboqs provides a common API suitable for post-quantum key exchange algorithms, and will collect together various implementations. liboqs will also include a test harness and benchmarking routines to compare performance of post-quantum implementations.

OQS will also include integrations into application-level protocols to provide easy prototyping of quantum-resistant cryptography. Our first integration will be in OpenSSL.

More information on OQS can be found in slides 63–66 of [this presentation](https://www.douglas.stebila.ca/files/research/presentations/20160812-SAC.pdf) by Douglas Stebila.

## Contents

OQS currently contains:

- `rand_urandom_chacha20`: pseudorandom number generator seeded from /dev/urandom and expanded using the ChaCha20 stream cipher
- `kex_rlwe_bcns15`: key exchange from the ring learning with errors problem (Bos, Costello, Naehrig, Stebila, *IEEE Symposium on Security & Privacy 2015*, [https://eprint.iacr.org/2014/599](https://eprint.iacr.org/2014/599))

## Building and Running

Builds have been tested on Mac OS X 10.11.6 and Ubuntu 16.04.1.

To build, clone or download the source from GitHub, then simply type:

    make

This will generate:

- `liboqs.a`: A static library with implementations for the algorithms listed in "Contents" above.
- `test_rand`: A simple test harness for the random number generator. This will output some bytes from the PRNG.
- `test_kex`: A simple test harness for the default key exchange algorithm. This will output key exchange messages, and indicate whether the parties agree on the session key or not.

## Documentation

Some source files contain inline Doxygen-formatted documentation.
The documentation can be generated by running:

    doxygen

This will generate the `docs/html` directory.

## Contributing and using

We hope OQS will provide a framework for many post-quantum implementations.

In the immediate term, if you have feedback on our API ([kex.h](https://github.com/open-quantum-safe/liboqs/blob/master/src/kex/kex.h) or [rand.h](https://github.com/open-quantum-safe/liboqs/blob/master/src/rand/rand.h)), please contact us so we can ensure our API covers a wide range of implementation needs.

If you have or are writing an implementation of a post-quantum key exchange algorithm, we hope you will consider making an implementation that meets our API so that others may use it, and we would be happy to discuss including it directly in liboqs.

If you would like to use liboqs in an application-level protocol, please get in touch and we can provide some guidance on options for using liboqs.

We are also interested in assistance from code reviewers.

Please contact Douglas Stebila <[stebilad@mcmaster.ca](mailto:stebilad@mcmaster.ca)>.

## Current status and plans (2016/08/11)

Our initial launch was on August 11, 2016, containing a single key exchange algorithm (`kex_rlwe_bcns15`) with a basic test harness.
We plan to be making the following updates over the next month:

- `kex_lwe_frodo` implementation ([https://eprint.iacr.org/2016/659](https://eprint.iacr.org/2016/659))
- `kex_rlwe_bcns15` generalization to multiple security levels
- `kex_ntru_ees743p1` wrapper around NTRU open source public key encryption ([https://github.com/NTRUOpenSourceProject/ntru-crypto](https://github.com/NTRUOpenSourceProject/ntru-crypto))
- `kex_rlwe_newhope` wrapper around "NewHope" ring-LWE key exchange ([https://eprint.iacr.org/2015/1092](https://eprint.iacr.org/2015/1092))
- Benchmarking scripts for key exchange algorithms
- Rigorous test harness for key exchange algorithms
- Rigorous test harness for random number generator
- Detailed Doxygen documentation for existing API and public functions
- Modular build system
- Integration of liboqs into OpenSSL to enable testing of post-quantum algorithms in TLS connections
- Finalize open source license for liboqs
- Coding guidelines

Over the next few months, we plan to be making the following updates:

- Building on more systems, including building of assembly code / optimizations
- Inclusion of a McEliece-based key exchange method
- Inclusion of a supersingular isogeny Diffie–Hellman key exchange method
- Code reviews including static analysis
- Integration of liboqs into additional application-level protocols.

In the long term, we are also interested in including post-quantum signature schemes.

## Team

The Open Quantum Safe project is led by [Michele Mosca](http://faculty.iqc.uwaterloo.ca/mmosca/) (University of Waterloo) and [Douglas Stebila](https://www.douglas.stebila.ca/research/) (McMaster University).

### Contributors

- Shravan Mishra (University of Waterloo)

### Support

Development of OQS has been supported in part by the Tutte Institute for Mathematics and Computing. Research projects which developed specific components of OQS have been supported by various research grants; see the source papers for funding acknowledgements.
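
The `rand_urandom_chacha20` entry under "Contents" describes a generator seeded from /dev/urandom and expanded with ChaCha20. The following is an added example of that construction, not liboqs's own code: the names `prng_t`, `prng_seed`, `prng_seed_urandom` and `prng_bytes`, the all-zero nonce with a 64-bit block counter, and the choice to discard unused keystream at the end of each request are assumptions.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>
typedef struct { uint32_t st[16]; } prng_t; /* hypothetical type: ChaCha20 input state */

#define ROTL(v, n) (((v) << (n)) | ((v) >> (32 - (n))))
#define QR(a, b, c, d) \
    a += b; d ^= a; d = ROTL(d, 16); c += d; b ^= c; b = ROTL(b, 12); \
    a += b; d ^= a; d = ROTL(d, 8);  c += d; b ^= c; b = ROTL(b, 7)

/* Key the state: constants, 256-bit seed as key, block counter and nonce zero (assumed layout). */
void prng_seed(prng_t *g, const uint8_t seed[32]) {
    g->st[0] = 0x61707865; g->st[1] = 0x3320646e; g->st[2] = 0x79622d32; g->st[3] = 0x6b206574;
    for (int i = 0; i < 8; i++)
        g->st[4 + i] = seed[4*i] | (uint32_t)seed[4*i+1] << 8 | (uint32_t)seed[4*i+2] << 16 | (uint32_t)seed[4*i+3] << 24;
    memset(&g->st[12], 0, 4 * sizeof g->st[0]);
}

/* Produce one 64-byte keystream block (20 rounds), then advance the 64-bit block counter. */
static void prng_block(prng_t *g, uint8_t out[64]) {
    uint32_t x[16];
    memcpy(x, g->st, sizeof x);
    for (int i = 0; i < 10; i++) {
        for (int j = 0; j < 4; j++) { QR(x[j], x[4 + j], x[8 + j], x[12 + j]); }   /* columns */
        for (int j = 0; j < 4; j++) { QR(x[j], x[4 + (j+1)%4], x[8 + (j+2)%4], x[12 + (j+3)%4]); } /* diagonals */
    }
    for (int i = 0; i < 16; i++)
        for (int j = 0; j < 4; j++)
            out[4 * i + j] = (uint8_t)((x[i] + g->st[i]) >> (8 * j));
    if (++g->st[12] == 0) g->st[13]++;
}

/* Fill out[0..n) with keystream; leftover bytes of the last block are discarded, never reused. */
void prng_bytes(prng_t *g, uint8_t *out, size_t n) {
    uint8_t blk[64];
    while (n > 0) {
        size_t k = n < 64 ? n : 64;
        prng_block(g, blk);
        memcpy(out, blk, k); out += k; n -= k;
    }
}

/* Seed from the OS. Returns 0 on success, -1 if /dev/urandom cannot supply 32 bytes. */
int prng_seed_urandom(prng_t *g) {
    uint8_t seed[32];
    FILE *f = fopen("/dev/urandom", "rb");
    size_t got = f ? fread(seed, 1, sizeof seed, f) : 0;
    if (f) fclose(f);
    if (got == sizeof seed) prng_seed(g, seed);
    return got == sizeof seed ? 0 : -1;
}
```

Call `prng_seed_urandom` once and treat a non-zero return as fatal rather than falling back to a fixed seed; the all-zero seed is only useful for checking the block function against the published ChaCha20 keystream.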