Awesome

oqs-demos

Purpose

A repository of instructions (with associated patches and scripts) to enable, through liboqs, the use of quantum-safe cryptography in various application software.

In most cases, Dockerfiles encode the instructions for ease-of-use: Just do docker build -t <package_name> .. For more detailed usage instructions (parameters, algorithms, etc.) refer to the README for each package. Pre-built Docker images may also be available.

As the level of interest in providing and maintaining these integrations for public consumption has fallen, the packages are tagged with the github monikers of the persons willing to keep supporting them or the term "unsupported". If that tag is listed, no CI and github support for the integration is available and the code shall be seen as a snapshot that once worked only.

We are explicitly soliciting contributors to maintain those integrations labelled "unsupported".

Currently available integrations at their respective support level:

	Build instructions	Pre-built Docker image or binary files	Support?
curl	Github: oqs-demos/curl	Dockerhub: openquantumsafe/curl, Dockerhub: openquantumsafe/curl-quic	@baentsch, @pi-314159
Apache httpd	Github: oqs-demos/httpd	Dockerhub: openquantumsafe/httpd	@baentsch
nginx	Github: oqs-demos/nginx	Dockerhub: openquantumsafe/nginx, Dockerhub: openquantumsafe/nginx-quic	@baentsch, @bhess, @pi-314159
Chromium	Github: oqs-demos/chromium (limited support)	-	@pi-314159
OpenSSH	Github: oqs-demos/openssh	Dockerhub: openquantumsafe/openssh	unsupported
Wireshark	Github: oqs-demos/wireshark	Dockerhub: openquantumsafe/wireshark	unsupported
Epiphany	Github: oqs-demos/epiphany	Dockerhub: openquantumsafe/epiphany	unsupported
OpenVPN	Github: oqs-demos/openvpn	Dockerhub: openquantumsafe/openvpn	unsupported
ngtcp2	Github: oqs-demos/ngtcp2	Dockerhub: Server: openquantumsafe/ngtcp2-server, Client: openquantumsafe/ngtcp2-client	unsupported
OpenLiteSpeed	Github: oqs-demos/openlitespeed	Dockerhub: openquantumsafe/openlitespeed	unsupported
h2load	Github: oqs-demos/h2load	Dockerhub: openquantumsafe/h2load	unsupported
HAproxy	Github: oqs-demos/haproxy	Dockerhub: openquantumsafe/haproxy	unsupported
Mosquitto	Github: oqs-demos/mosquitto	Dockerhub: openquantumsafe/mosquitto	unsupported
Envoy	Github: oqs-demos/envoy	Dockerhub: openquantumsafe/envoy	unsupported
Unbound	Github: oqs-demos/unbound	Dockerhub: openquantumsafe/unbound	unsupported

It should be possible to use the openssl (s_client), curl and GNOME Web/epiphany clients with all algorithm combinations available at the Open Quantum Safe TLS/X.509 interoperability test server at https://test.openquantumsafe.org (set up using oqs-provider v0.6.1 and liboqs v0.10.1) but no guarantees are given for software not explicitly labelled with the name of a person offering support for it. Since OQS-BoringSSL no longer maintains the same set of algorithms, software that depends on OQS-BoringSSL (e.g., nginx-quic and curl-quic) may not fully (inter)operate with the test server.

Contributing

Contributions are gratefully welcomed. See our Contributing Guide for more details.

License

All modifications to this repository are released under the same terms as liboqs, namely as described in the file LICENSE.

Team

Contributors to oqs-demos include:

Christian Paquin (Microsoft Research)
Dimitris Sikeridis (University of New Mexico / Cisco Systems)
Douglas Stebila (University of Waterloo)
Goutam Tamvada (University of Waterloo)
Michael Baentsch (baentsch.ch)
ISE @ FHNW (Fachhochschule Nordwestschweiz)
Anthony Hu (wolfSSL)
Igor Barshteyn
Chia-Chin Chung
Keelan Cannoo (University of Mauritius / Cyberstorm.mu)
Dindyal Jeevesh Rishi (University of Mauritius / cyberstorm.mu)
Dan Rouhana (University of Washington)
JT (Henan Raytonne Trading Company)

Acknowledgments

Most effort in this project has been provided by individual contributors working in their own time and out of personal interest to see how PQ crypto integrates into existing software stacks.

This project is part of Open Quantum Safe.