wolfssl icon indicating copy to clipboard operation
wolfssl copied to clipboard

Published 20 hours ago verified publisher icon wolfSSL

Hybrid Post Quantum Algorithms

Open Mohre opened this issue 1 year ago • 4 comments
trafficstars

Version

5.7.4

Description

I noticed Wolfssl supports these Post Quantum Algorithms. wolfssl

  1. Does Wolfssl support composite ML-DSA algorithms like MLDSA87-ECDSA-P384-SHA512 mentioned in this draft?
  2. Do you have any plan to support hybrid ML-KEM algorithms mentioned in this draft? It said "521 bit curve not widely used." and suggest MLKEM1024-ECDH-P384(Something like P384_KYBER_LEVEL5) for standardization.

Mohre avatar Nov 03 '24 15:11 Mohre

Hi @Mohre ,

Great question. We don't currently support this, we do hope to support this in the future but don't have a concrete timeline yet. We can set up a feature request for this if you'd like, please contact us at support [AT] wolfssl [DOT] com to set this up. Can you share a bit of information on your use case for this?

kareem-wolfssl avatar Nov 05 '24 21:11 kareem-wolfssl

If you are interested in collaborating, I am working on a Pull Request to implement Composite Signatures. Here's the link to the fork I am using (main branch aligned with master in wolfSSL, mldsa-composite-1 is the branch I use to add the composite). Also, you can checkout the examples/pktool/pktool.c that I added to the examples build - it is a small tool intended to help generating keys, requests, and certs: https://github.com/opencrypto/wolfssl/tree/mldsa-composite-1.

Any help/comment/support/feedback is highly appreciated!

opencrypto avatar Nov 13 '24 04:11 opencrypto

Can you share a bit of information on your use case for this?

I investigating on PQS algorithms usage with TLS1.3 for communication.

Mohre avatar Nov 13 '24 06:11 Mohre

Hi @Mohre

Please do have a look at @opencrypto 's PR. We here at wolfSSL have been following his work and are delighted with his efforts.

We do not support MLKEM1024-ECDH-P384 but instead do support MLKEM1024-ECDH-P521 as well as MLKEM768-ECDH-P384 . Unless there is strong interest, I don't forsee us adding MLKEM1024-ECDH-P384 anytime soon. That said, please send a feature request message to support@ if you feel you want to see wolfSSL support MLKEM1024-ECDH-P384 .

Warm regards, Anthony

anhu avatar Dec 02 '24 18:12 anhu

Hi @Mohre ,

Its been almost a year since my last comment on this issue with no further interaction. As such, I will now close this issue. Thank you for your interest in wolfSSL.

Warm regards, Anthony

anhu avatar Nov 11 '25 17:11 anhu