We’ve integrated liboqs into a fork of OpenSSH to provide prototype post-quantum and hybrid key exchange in the SSH protocol. Researchers looking to try additional post-quantum algorithms can easily add more algorithms that follow the OQS API.
A pre-Internet-Draft is available describing how the SSH protocol was adapted to include the hybrid PQ key exchange algorithms.
The goal of this integration is to provide easy prototyping of quantum-resistant cryptography and should not be considered “production quality”. Please see more about limitations of our prototype software.
See the README for the list of supported algorithms and usage instructions.
The easiest way to get started with experimenting with post-quantum cryptography is to use our pre-built Docker image containing post-quantum-enabled openssh:
- Getting and running the pre-built post-quantum enabled openssh demo Docker image
- Building your own openssh demo Docker image
There also exist post-quantum-enabled docker images for TLS applications.
- snapshot 2020-08 aligned with liboqs 0.4.0 (September 3, 2020) current version
- snapshot 2020-07 aligned with liboqs 0.3.0 (July 10, 2020)
- snapshot 0219-10 aligned with liboqs 0.2.0 (October 8, 2019)
- snapshot 2020-07 aligned with liboqs 0.1.0 (November 13, 2018)
- all releases
The current OQS-OpenSSH fork was originally developed by Torben Hansen (Amazon Web Services and Royal Holloway, University of London), and is now maintained by the OQS team.