-
Notifications
You must be signed in to change notification settings - Fork 91
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
adding release notes for github-independent information [skip ci] (#65)
- Loading branch information
Showing
1 changed file
with
50 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,50 @@ | ||
| oqs-provider 0.4.0 | ||
| ================== | ||
|
|
||
| About | ||
| ----- | ||
|
|
||
| The **Open Quantum Safe (OQS) project** has the goal of developing and prototyping quantum-resistant cryptography. More information on OQS can be found on our website: https://openquantumsafe.org/ and on Github at https://github.com/open-quantum-safe/. | ||
|
|
||
| **oqs-provider** is a standalone prototype [OpenSSL 3](https://github.com/openssl/openssl) [provider](https://www.openssl.org/docs/manmaster/man7/provider.html) enabling [liboqs](https://github.com/open-quantum-safe/liboqs)-based quantum-safe and hybrid key exchange for TLS 1.3, as well as quantum-safe and hybrid X.509 certificate generation, CMS ond dgst operations. | ||
|
|
||
| When deployed, the `oqs-provider` binary (shared library) thus adds support for quantum-safe cryptographic operations to any standard OpenSSL(v3) installation. | ||
|
|
||
| In general, the oqs-provider `main` branch is meant to be useable in conjunction with the `main` branch of [liboqs](https://github.com/open-quantum-safe/liboqs) and the `master` branch of [OpenSSL](https://github.com/openssl/openssl). | ||
|
|
||
| Further details on building, testing and use can be found in [README.md](https://github.com/open-quantum-safe/oqs-provider/blob/main/README.md). See in particular limitations on intended use. | ||
|
|
||
| Release notes | ||
| ============= | ||
|
|
||
| This is version 0.4.0 of oqs-provider. | ||
|
|
||
| Security considerations | ||
| ----------------------- | ||
|
|
||
| This release removes Rainbow level 1 and all variants of SIDH and SIKE due to cryptanalytic breaks of those algorithms. Users are advised to move away from use of those algorithms immediately. | ||
|
|
||
| What's New | ||
| ---------- | ||
|
|
||
| This release continues from the 0.3.0 release of oqs-provider and is fully tested to be used in conjunction with version 0.7.2 of [liboqs](https://github.com/open-quantum-safe/liboqs). | ||
|
|
||
| oqs-provider has been integrated as an external test component for [OpenSSL3 testing](https://github.com/openssl/openssl/blob/master/test/README-external.md#oqsprovider-test-suite) and will thus remain in line with any possibly required provider API enhancements. | ||
|
|
||
| ### Algorithm updates | ||
|
|
||
| - Removal of SIKE/SIDH and Rainbow level I due to cryptographic breaks | ||
|
|
||
| ### Functional updates | ||
|
|
||
| - Addition of quantum-safe CMS operations via the [OpenSSL interface](https://www.openssl.org/docs/man3.0/man1/openssl-cms.html) | ||
| - Addition of quantum-safe dgst operations via the [OpenSSL interface](https://www.openssl.org/docs/man3.0/man1/openssl-dgst.html) | ||
|
|
||
| ### Misc updates | ||
|
|
||
| - Additional testing | ||
| - Integration with and of OpenSSL test harness | ||
|
|
||
| --- | ||
|
|
||
| **Full Changelog**: https://github.com/open-quantum-safe/oqs-provider/compare/0.3.0...0.4.0. |