The Linux Foundation has announced the creation of the Post-Quantum Cryptography Alliance (PQCA), aimed at addressing safety concerns associated with quantum computing. The alliance will develop and introduce post-quantum encryption to mitigate these risks. The goal is to prepare highly secure implementations of standardized post-quantum encryption, ensure their development and support, and participate in the standardization and creation of prototypes for new post-quantum algorithms.
Founding members of the alliance include Amazon Web Services (AWS), Cisco, Google, IBM, NVIDIA, IntellectEU, Keyfactor, Kudelski IoT, QUSECURE, and SANDBOXAQ. Notably, among the participants are co-authors of the Crystals-Kyber, Crystals-Dilithium, Falcon, and Sphincs+ algorithms, which have been selected for standardization by the US National Institute of Standards and Technology (NIST).
The alliance has already taken on two projects:
- Open Quantum Safe (OQS): This project focuses on developing and creating prototypes of cryptographic systems that are resistant to quantum computing. OQS develops an open library called liboqs with post-quantum key encapsulation mechanisms. It also includes a collection of projects integrating these algorithms into various protocols and applications, such as SSH, TLS, S/MIME, and X.509. Projects like OpenSSL, OpenSSH, MbedTLS, WolfSSL, StrongSwan, BoringSSL, and Libssh are involved in the integration efforts.
- PQ Code Package: This project aims to create and support highly efficient implementations of post-quantum algorithms promoted as standards. The initial phase focuses on implementing the ml-kem (module-lattice-based key encapsulation mechanism) algorithm, followed by ml-dsa and SLH-DSA implementations. The reliability of these implementations will be verified through independent external audits and formal verification. There is also interest in continuing the development of existing ML-KEM implementations in Rust and optimizing them using AVX2 instructions and CPU Aarch64 extensions.