We realize some parties may want to deploy quantum-safe cryptography prior to the conclusion of the standardization project. While at the time of this writing there are no vulnerabilities known in any of the quantum-safe algorithms used in this fork, it is advisable to wait on deploying quantum-safe algorithms until further guidance is provided by the standards community, especially from the NIST standardization project. We believe that the NIST Post-Quantum Cryptography standardization project is currently the best avenue to identifying potentially quantum-resistant algorithms, and strongly recommend that applications and protocols rely on the outcomes of the NIST standardization project when deploying quantum-safe cryptography. Limitations and securityĪs research advances, the supported algorithms may see rapid changes in their security, and may even prove insecure against both classical and quantum computers. This fork implements the draft-kampanakis-curdle-pq-ssh-00 IETF draft for hybrid key exchange algorithms. Also, certain platforms and build-time options may require additional dependencies see atform for details. Zlib is optional without it transport compression is not supported.įIDO security token support needs libfido2 and its dependencies. Libcrypto from either LibreSSL or OpenSSL may also be used, but OpenSSH may be built without it supporting a subset of crypto algorithms. It requires a working C compiler, standard library and headers.
#Github openssh portable#
Portable OpenSSH is built using autoconf and make. Liboqs is provided "as is", without warranty of any kind. WE DO NOT RECOMMEND RELYING ON THIS FORK TO PROTECT SENSITIVE DATA. See the Limitations and Security section below for more information. IT IS AT AN EXPERIMENTAL STAGE, and has not received the same level of auditing and analysis that OpenSSH has received. This fork is currently based on OpenSSH version 8.9 (Git tag V_8_9_P1) release notes can be found here. More information about the project can be found here. OQS-OpenSSH is a fork of OpenSSH that adds quantum-safe cryptography to enable its use and evaluation in the SSH protocol.īoth liboqs and this fork are part of the Open Quantum Safe (OQS) project, which aims to develop and prototype quantum-safe cryptography. Liboqs is an open source C library for quantum-resistant cryptographic algorithms. This fork is not endorsed by the OpenSSH project. OQS-OpenSSH is a fork of OpenSSH that adds quantum-safe key exchange and signature algorithms using liboqs for prototyping and evaluation purposes. OpenSSH is an open-source implementation of the Secure Shell protocol.
0 kommentar(er)
