Releases: open-quantum-safe/openssh
OQS-OpenSSH-snapshot-2024-08
About
The Open Quantum Safe (OQS) project has the goal of developing and prototyping quantum-resistant cryptography. More information on OQS can be found on our website: https://openquantumsafe.org/ and on Github at https://github.com/open-quantum-safe/.
liboqs is an open source C library for quantum-resistant cryptographic algorithms.
OQS-OpenSSH is an integration of liboqs into (a fork of) OpenSSH. The goal of this integration is to provide easy prototyping of quantum-resistant cryptography. The integration should not be considered "production quality".
Release notes
This is the 2024-08 snapshot release of OQS-OpenSSH, released on August 30, 2024. This release is intended to be used with liboqs version 0.10.1.
What's New
This is the eighth snapshot release of the OQS fork of OpenSSH. It is based on OpenSSH 9.7 portable 1.
- Updated fork to track upstream OpenSSH 9.7.
- Update algorithm list in line with
liboqs
v0.10.1.- Introduces generic support for ML-KEM-IPD, ML-DSA-IPD, SNTRUP, BIKEr4, MAYO, and Falcon (Padded).
- Support for ML-KEM and ML-DSA is provided using a
liboqs
alias which will update from the IPD versions to the final FIPS-203 and FIPS-204 standards when they are available in the underlyingliboqs
.
- Added support for x25519 hybrid key exchange algorithms.
- Working interop support for
x25519-kyber-512r3-sha256-d00@amazon.com
key exchange. - Working interop support for
sntrup761x25519-sha512@openssh.com
key exchange.
- Working interop support for
- Support for all ML-KEM based hybrid key exchanges in https://datatracker.ietf.org/doc/draft-kampanakis-curdle-ssh-pq-ke/
mlkem768nistp256-sha256
,mlkem1024nistp384-sha384
,mlkem768x25519-sha256
- For the
0.10.1
release ofliboqs
, these will be backed by the IPD versions of the algorithm.
- Migrated from CircleCI to Github Actions.
Detailed changelog
Full Changelog: OQS-OpenSSH-snapshot-2023-10...OQS-OpenSSH-snapshot-2024-08
Full Changelog (Omitting upstream merge): ac7c26b...b89166e
OQS-OpenSSH snapshot 2023-10
OQS-OpenSSH snapshot 2023-10
About
The Open Quantum Safe (OQS) project has the goal of developing and prototyping quantum-resistant cryptography. More information on OQS can be found on our website: https://openquantumsafe.org/ and on Github at https://github.com/open-quantum-safe/.
liboqs is an open source C library for quantum-resistant cryptographic algorithms.
OQS-OpenSSH is an integration of liboqs into (a fork of) OpenSSH. The goal of this integration is to provide easy prototyping of quantum-resistant cryptography. The integration should not be considered "production quality".
Release notes
This is the 2023-10 snapshot release of OQS-OpenSSH, released on October 21, 2023. This release is intended to be used with liboqs version 0.9.0.
What's New
This is the seventh snapshot release of the OQS fork of OpenSSH. It is based on OpenSSH 8.9 portable 1.
- Update algorithm list in line with
liboqs
v0.9.0.
Detailed changelog
- Update IDs to reflect updated McEliece in liboqs v0.9.0 in #148
Full Changelog: OQS-OpenSSH-snapshot-2023-06...OQS-OpenSSH-snapshot-2023-10
OQS-OpenSSH snapshot 2023-06
OQS-OpenSSH snapshot 2023-06
About
The Open Quantum Safe (OQS) project has the goal of developing and prototyping quantum-resistant cryptography. More information on OQS can be found on our website: https://openquantumsafe.org/ and on Github at https://github.com/open-quantum-safe/.
liboqs is an open source C library for quantum-resistant cryptographic algorithms.
OQS-OpenSSH is an integration of liboqs into (a fork of) OpenSSH. The goal of this integration is to provide easy prototyping of quantum-resistant cryptography. The integration should not be considered "production quality".
Release notes
This is the 2023-06 snapshot release of OQS-OpenSSH, released on June 26, 2023. This release is intended to be used with liboqs version 0.8.0.
What's New
This is the eighth snapshot release of the OQS fork of OpenSSH. It is based on OpenSSH 8.9 portable 1.
- Update algorithm list in line with
liboqs
v0.8.0 - Update algorithm naming as per #136
What's Changed
- removing Picnic,NTRUprime,Rainbow,Saber by @baentsch in #129
- Removed NTRU. by @xvzcf in #130
- toggle alg enablement in line with NIST decisions by @baentsch in #132
- Remove mentions of Rainbow in comments by @christianpaquin in #133
- Deprecate broken appveyor tests by @christianpaquin in #140
- Update method names in kex.h by @csosto-pk in #138
- Fixing encoding issue 136 by @csosto-pk in #137
- Updating draft link by @csosto-pk in #142
- Syncing with new liboqs algorithm list. by @xvzcf in #143
New Contributors
- @csosto-pk made their first contribution in #138
Full Changelog: OQS-OpenSSH-snapshot-2022-08...OQS-OpenSSH-snapshot-2023-06
OQS-OpenSSH snapshot 2022-08
OQS-OpenSSH snapshot 2022-08
About
The Open Quantum Safe (OQS) project has the goal of developing and prototyping quantum-resistant cryptography. More information on OQS can be found on our website: https://openquantumsafe.org/ and on Github at https://github.com/open-quantum-safe/.
liboqs is an open source C library for quantum-resistant cryptographic algorithms.
OQS-OpenSSH is an integration of liboqs into (a fork of) OpenSSH. The goal of this integration is to provide easy prototyping of quantum-resistant cryptography. The integration should not be considered "production quality".
Release notes
This is the 2022-08 snapshot release of OQS-OpenSSH, released on August 23, 2022. This release is intended to be used with liboqs version 0.7.2.
What's New
This is the seventh snapshot release of the OQS fork of OpenSSH. It is based on OpenSSH 8.9 portable 1.
- Update to upstream v8.9p1.
- Remove Rainbow level 1 and SIKE/SIDH.
Detailed changelog
- Use mpint representation for shared_secret when deriving keys in pure-PQ key exchange, and some other bug fixes; fixes #119 by @kevinmkane in #120
- V_8_9_P1 upgrade by @christianpaquin in #121
- bring testing and documentation in line by @baentsch in #123
- remove rainbowI, sike/sidh by @baentsch in #126
Full Changelog: OQS-OpenSSH-snapshot-2022-01...OQS-OpenSSH-snapshot-2022-08
OQS-OpenSSH snapshot 2022-01
OQS-OpenSSH snapshot 2022-01
About
The Open Quantum Safe (OQS) project has the goal of developing and prototyping quantum-resistant cryptography. More information on OQS can be found on our website: https://openquantumsafe.org/ and on Github at https://github.com/open-quantum-safe/.
liboqs is an open source C library for quantum-resistant cryptographic algorithms.
OQS-OpenSSH is an integration of liboqs into (a fork of) OpenSSH. The goal of this integration is to provide easy prototyping of quantum-resistant cryptography. The integration should not be considered "production quality".
Release notes
This is the 2022-01 snapshot release of OQS-OpenSSH, released on January 6, 2022. This release is intended to be used with liboqs version 0.7.1.
What's New
This is the sixth snapshot release of the OQS fork of OpenSSH. It is based on OpenSSH 8.6 portable 1.
- Add NTRU and NTRU Prime level 5 KEMs.
Detailed changelog
Full Changelog: OQS-OpenSSH-snapshot-2021-08...OQS-OpenSSH-snapshot-2022-01
OQS-OpenSSH snapshot 2021-08
OQS-OpenSSH snapshot 2021-08
About
The Open Quantum Safe (OQS) project has the goal of developing and prototyping quantum-resistant cryptography. More information on OQS can be found on our website: https://openquantumsafe.org/ and on Github at https://github.com/open-quantum-safe/.
liboqs is an open source C library for quantum-resistant cryptographic algorithms.
OQS-OpenSSH is an integration of liboqs into (a fork of) OpenSSH. The goal of this integration is to provide easy prototyping of quantum-resistant cryptography. The integration should not be considered "production quality".
Release notes
This is the 2021-08 snapshot release of OQS-OpenSSH, released on August 11, 2021. This release is intended to be used with liboqs version 0.7.0.
What's New
This is the fifth snapshot release of the OQS fork of OpenSSH. It is based on OpenSSH 8.6 portable 1.
- This is a rewrite of prior versions of OQS-OpenSSH, performed by Goutam Tamvada, Christian Paquin, and Michael Baentsch.
- Uses the updated NIST Round 3 submissions added to liboqs 0.7.0, as described in the liboqs release notes.
OQS-OpenSSH snapshot 2020-08
OQS-OpenSSH snapshot 2020-08
About
The Open Quantum Safe (OQS) project has the goal of developing and prototyping quantum-resistant cryptography. More information on OQS can be found on our website: https://openquantumsafe.org/ and on Github at https://github.com/open-quantum-safe/.
liboqs is an open source C library for quantum-resistant cryptographic algorithms.
OQS-OpenSSH is an integration of liboqs into (a fork of) OpenSSH. The goal of this integration is to provide easy prototyping of quantum-resistant cryptography. The integration should not be considered "production quality".
Release notes
This is the 2020-08 snapshot release of OQS-OpenSSH, released on August 11, 2020. Its release page on GitHub is https://github.com/open-quantum-safe/openssh/releases/tag/OQS-OpenSSH-snapshot-2020-08. This release is intended to be used with liboqs version 0.4.0.
What's New
This is the fourth snapshot release of the OQS fork of OpenSSH. It is based on OpenSSH 7.9 portable 1.
- Uses the updated NIST Round 2 submissions added to liboqs 0.4.0, as described in the liboqs release notes.
Deprecations
As a result of NIST's announcement of Round 3 of the Post-Quantum Cryptography Standardization Project, this is the last release of OQS-OpenSSH that contain algorithms from Round 2 that are not Round 3 finalists or alternate candidates. Those algorithms will be removed in the next release. The algorithms in question are: NewHope, ThreeBears, MQDSS, and qTesla. These algorithms are considered deprecated within OQS-OpenSSH will receive no updates after this release.
OQS-OpenSSH snapshot 2020-07
OQS-OpenSSH snapshot 2020-07
About
The Open Quantum Safe (OQS) project has the goal of developing and prototyping quantum-resistant cryptography. More information on OQS can be found on our website: https://openquantumsafe.org/ and on Github at https://github.com/open-quantum-safe/.
liboqs is an open source C library for quantum-resistant cryptographic algorithms.
OQS-OpenSSH is an integration of liboqs into (a fork of) OpenSSH. The goal of this integration is to provide easy prototyping of quantum-resistant cryptography. The integration should not be considered "production quality".
Release notes
This is the 2020-07 snapshot release of OQS-OpenSSH, released on July 10, 2020. Its release page on GitHub is https://github.com/open-quantum-safe/openssh/releases/tag/OQS-OpenSSH-snapshot-2020-07. This release is intended to be used with liboqs version 0.3.0.
What's New
This is the third snapshot release of the OQS fork of OpenSSH. It is based on OpenSSH 7.9 portable 1.
What's New
- Uses the updated NIST Round 2 submissions added to liboqs 0.3.0, as described in the liboqs release notes.
OQS-openssh snapshot 2019-10
OQS-openssh snapshot 2019-10
About
The Open Quantum Safe (OQS) project has the goal of developing and prototyping quantum-resistant cryptography. More information on OQS can be found on our website: https://openquantumsafe.org/ and on Github at https://github.com/open-quantum-safe/.
liboqs is an open source C library for quantum-resistant cryptographic algorithms.
open-quantum-safe/openssh-portable is an integration of liboqs into (a fork of) OpenSSH. The goal of this integration is to provide easy prototyping of quantum-resistant cryptography. The integration should not be considered "production quality".
Release notes
This snapshot of the OQS fork of OpenSSH was released on October 8, 2019. Its release page on Github is https://github.com/open-quantum-safe/openssh-portable/releases/tag/OQS-OpenSSH-snapshot-2019-10.
What's New
This is the second snapshot release of the OQS fork of OpenSSH. It is based on the upstream OpenSSH 7.9 portable 1 release.
What's New
Update to use NIST Round 2 submissions added to liboqs 0.2.0.
Key encapsulation mechanisms
- Update FrodoKEM, NewHope, and SIDH/SIKE to NIST Round 2 submissions
- Add Kyber, NTRU, and Saber NIST Round 2 submissions
Digital signature schemes
- Update Picnic to NIST Round 2 submissions
- Add Dilithium, MQDSS, Rainbow, and SPHINCS+ NIST Round 2 submissions
Future work
Snapshot releases of the OQS fork of OpenSSH will be made every 2 to 3 months. These will include syncing the branch with upstream releases of OpenSSH, and changes required to sync with new releases of liboqs.
OQS-OpenSSH-snapshot-2018-11
OQS-openssh snapshot 2018-11
About
The Open Quantum Safe (OQS) project has the goal of developing and prototyping quantum-resistant cryptography. More information on OQS can be found on our website: https://openquantumsafe.org/ and on Github at https://github.com/open-quantum-safe/.
liboqs is an open source C library for quantum-resistant cryptographic algorithms.
open-quantum-safe/openssh-portable is an integration of liboqs into (a fork of) OpenSSH. The goal of this integration is to provide easy prototyping of quantum-resistant cryptography. The integration should not be considered "production quality".
This branch of our fork of OpenSSH can be used with the following versions of liboqs:
- liboqs master branch 0.1.0
- liboqs nist-branch 2018-11 snapshot
Release notes
This snapshot of the OQS fork of OpenSSH was released on November 13, 2018. Its release page on Github is https://github.com/open-quantum-safe/openssh-portable/releases/tag/OQS-OpenSSH-snapshot-2018-11.
What's New
This is the first snapshot release of the OQS fork of OpenSSH.
It is based on the upstream OpenSSH 7.7 portable 1 release.
It provides:
- post-quantum key exchange in SSH 2
- hybrid (post-quantum + elliptic curve) key exchange in SSH 2
It can build against either liboqs master branch or liboqs nist-branch.
Future work
Snapshot releases of the OQS fork of OpenSSH will be made approximately bi-monthly. These will include syncing the branch with upstream releases of OpenSSH, and changes required to sync with new releases of liboqs.