/oqs-demos

PARTIALLY SUPPORTED Instructions for enabling the use of quantum-safe cryptography in assorted software using the OQS suite. CONTRIBUTORS WANTED.

Primary LanguageDockerfile

GitHub actions QUIC open-quantum-safe

oqs-demos

Purpose

A repository of instructions (with associated patches and scripts) to enable, through liboqs, the use of quantum-safe cryptography in various application software.

In most cases, Dockerfiles encode the instructions for ease-of-use: Just do docker build -t <package_name> .. For more detailed usage instructions (parameters, algorithms, etc.) refer to the README for each package. Pre-built Docker images may also be available.

As the level of interest in providing and maintaining these integrations for public consumption has fallen, the packages are tagged with the github monikers of the persons willing to keep supporting them or the term "Unmaintained". If that tag is listed, no CI and github support for the integration is available and the code shall be seen as a snapshot that once worked only.

We are explicitly soliciting contributors to maintain those integrations labelled "Unmaintained".

Currently available integrations at their respective support level:

Build instructions Pre-built Docker image or binary files Support
curl Github: oqs-demos/curl Dockerhub: openquantumsafe/curl, Dockerhub: openquantumsafe/curl-quic Maintained: @baentsch, @pi-314159
Apache httpd Github: oqs-demos/httpd Dockerhub: openquantumsafe/httpd Maintained: @baentsch
nginx Github: oqs-demos/nginx Dockerhub: openquantumsafe/nginx, Dockerhub: openquantumsafe/nginx-quic Maintained: @baentsch, @bhess, @pi-314159
Chromium Github: oqs-demos/chromium (limited support) - Maintained: @pi-314159
Locust Github: oqs-demos/locust - Maintained: @davidgca
Wireshark Github: oqs-demos/wireshark Dockerhub: openquantumsafe/wireshark Maintained: @hayyaaf
OpenSSH Github: oqs-demos/openssh Dockerhub: openquantumsafe/openssh Unmaintained
OpenVPN Github: oqs-demos/openvpn Dockerhub: openquantumsafe/openvpn Unmaintained
ngtcp2 Github: oqs-demos/ngtcp2 Dockerhub: Server: openquantumsafe/ngtcp2-server, Client: openquantumsafe/ngtcp2-client Unmaintained
h2load Github: oqs-demos/h2load Dockerhub: openquantumsafe/h2load Unmaintained
HAproxy Github: oqs-demos/haproxy Dockerhub: openquantumsafe/haproxy Unmaintained
Mosquitto Github: oqs-demos/mosquitto Dockerhub: openquantumsafe/mosquitto Unmaintained
Epiphany Github: oqs-demos/epiphany Dockerhub: openquantumsafe/epiphany Deprecated
OpenLiteSpeed Github: oqs-demos/openlitespeed Dockerhub: openquantumsafe/openlitespeed Deprecated
Envoy Github: oqs-demos/envoy Dockerhub: openquantumsafe/envoy Deprecated
Unbound Github: oqs-demos/unbound Dockerhub: openquantumsafe/unbound Deprecated

It should be possible to use the openssl (s_client) and curl clients with all algorithm combinations available at the Open Quantum Safe TLS/X.509 interoperability test server at https://test.openquantumsafe.org (set up using oqs-provider v0.7.0 and liboqs v0.11.0) but no guarantees are given for software not explicitly labelled with the name of a person offering support for it. Since OQS-BoringSSL no longer maintains the same set of algorithms, software that depends on OQS-BoringSSL (e.g., nginx-quic and curl-quic) may not fully (inter)operate with the test server.

Contributing

Contributions are gratefully welcomed. See our Contributing Guide for more details.

License

All modifications to this repository are released under the same terms as liboqs, namely as described in the file LICENSE.

Team

Contributors to oqs-demos include:

Christian Paquin (Microsoft Research)
Dimitris Sikeridis (University of New Mexico / Cisco Systems)
Douglas Stebila (University of Waterloo)
Goutam Tamvada (University of Waterloo)
Michael Baentsch (baentsch.ch)
ISE @ FHNW (Fachhochschule Nordwestschweiz)
Anthony Hu (wolfSSL)
Igor Barshteyn
Chia-Chin Chung
Keelan Cannoo (University of Mauritius / Cyberstorm.mu)
Dindyal Jeevesh Rishi (University of Mauritius / cyberstorm.mu)
Dan Rouhana (University of Washington)
JT (Henan Raytonne Trading Company)
David Gomez-Cambronero (Telefonica Innovacion digital)
Khalid Alraddady (linkedin.com/in/khalid-alraddady)

Acknowledgments

Most effort in this project has been provided by individual contributors working in their own time and out of personal interest to see how PQ crypto integrates into existing software stacks.

This project is part of Open Quantum Safe.