OpenSSLNTRU integrates transparent post-quantum key exchange into applications that use the OpenSSL cryptographic library. At the protocol level, OpenSSLNTRU is a TLS 1.3 modification similar to the Google-Cloudflare CECPQ2 experiment, but OpenSSLNTRU provides performance advantages, security advantages, and software-engineering advantages:
- OpenSSLNTRU adds support for KEMs in TLS 1.3 to OpenSSL, including an optional reference implementation of a post-quantum KEM. A separate OpenSSL ENGINE, OpenSSLNTRU's new engntru, overrides the reference implementation with an optimized implementation. This decoupling shields OpenSSL from the fast-moving ecosystem of optimized post-quantum software.
- engntru, in turn, uses a simpler interface to call a separate library, OpenSSLNTRU's new libsntrup761, for the optimized implementation. This shields the developer of the optimized library from the OpenSSL interface details, and will allow the same optimized library to be reused for OpenSSL 3 and other cryptographic libraries.
- libsntrup761 sets new speed records for key generation in Quotient NTRU cryptosystems. This makes sntrup761, the post-quantum component of OpenSSLNTRU, not just slightly smaller but also faster in total (key generation plus encapsulation plus decapsulation) than ntruhrss701, the post-quantum component of CECPQ2, while providing higher Core-SVP security and removing concerns about cyclotomic structure.
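The following is an added example, not code from OpenSSLNTRU, engntru or libsntrup761: an unoptimized pure-Python rendering of the Streamlined NTRU Prime core with the sntrup761 parameters (p=761, q=4591, w=286), wrapped as a KEM and driven through the TLS 1.3 key_share flow described above (client: key generation, public key in ClientHello; server: encapsulation, ciphertext in ServerHello). It shows why Quotient NTRU key generation is the expensive step: the public key is h = g/(3f), so keygen needs one inversion in R/3 and one in R/q, done here with a textbook extended Euclidean algorithm. The serialization, the hash used to derive the session key and the TLS key-schedule step are simplified stand-ins (assumptions of this example), not the sntrup761 or TLS 1.3 definitions.

```python
"""Streamlined NTRU Prime (sntrup761 parameters) as a KEM, plus a TLS 1.3-style
key_share exchange.  Added teaching example; not libsntrup761 and not constant-time."""
import hashlib
import hmac
import random

P, Q, W = 761, 4591, 286  # ring R = Z[x]/(x^P - x - 1); R/q and R/3 are used below


def center(x, mod):
    """Representative of x mod `mod` in [-(mod-1)/2, (mod-1)/2] (mod is odd)."""
    x %= mod
    return x - mod if x > (mod - 1) // 2 else x


def poly_mul(a, b, mod):
    """a*b in (Z/mod)[x]/(x^P - x - 1); put the sparser operand first (zeros skipped)."""
    acc = [0] * (2 * P - 1)
    for i, ai in enumerate(a):
        if ai:
            for j, bj in enumerate(b):
                acc[i + j] += ai * bj
    for k in range(2 * P - 2, P - 1, -1):  # x^(P+i) = x^(i+1) + x^i
        acc[k - P + 1] += acc[k]
        acc[k - P] += acc[k]
    return [x % mod for x in acc[:P]]


def poly_deg(f, top):
    """Degree of f looking only at indices <= top; -1 if those are all zero."""
    for i in range(top, -1, -1):
        if f[i]:
            return i
    return -1


def poly_inv(a, mod):
    """1/a in (Z/mod)[x]/(x^P - x - 1) by the extended Euclidean algorithm, or None
    if a is not invertible.  Invariant: v_i * a == r_i  (mod x^P - x - 1)."""
    r0 = [0] * (P + 1)
    r0[0], r0[1], r0[P] = mod - 1, mod - 1, 1  # r0 = x^P - x - 1
    r1 = [x % mod for x in a] + [0]
    v0, v1 = [0] * (P + 1), [1] + [0] * P
    d0, d1 = P, poly_deg(r1, P)
    while d1 >= 0:
        inv_lead = pow(r1[d1], -1, mod)
        while d0 >= d1:  # r0 -= c * x^s * r1 until deg r0 < deg r1
            c, s = (r0[d0] * inv_lead) % mod, d0 - d1
            for i in range(d1 + 1):
                r0[s + i] = (r0[s + i] - c * r1[i]) % mod
            for i in range(P + 1 - s):
                v0[s + i] = (v0[s + i] - c * v1[i]) % mod
            d0 = poly_deg(r0, d0 - 1)
        r0, r1, v0, v1, d0, d1 = r1, r0, v1, v0, d1, d0
    if d0 != 0:  # gcd is not a unit
        return None
    cinv = pow(r0[0], -1, mod)
    return [(x * cinv) % mod for x in v0[:P]]


def random_short(rng):
    """Element of Short: exactly W coefficients in {-1, 1}, the rest 0."""
    v = [rng.choice((-1, 1)) for _ in range(W)] + [0] * (P - W)
    rng.shuffle(v)
    return v


def keygen(rng):
    """Public key h = g/(3f) in R/q; secret key (f, 1/g in R/3).  The two ring
    inversions are the cost that libsntrup761's key-generation record is about."""
    while True:
        g = [rng.choice((-1, 0, 1)) for _ in range(P)]  # small; retry until invertible mod 3
        ginv3 = poly_inv(g, 3)
        if ginv3 is not None:
            break
    f = random_short(rng)
    finv3q = poly_inv([3 * x for x in f], Q)  # exists: x^P - x - 1 is irreducible mod Q
    assert finv3q is not None
    return poly_mul(g, finv3q, Q), (f, ginv3)


def encrypt(r, h):
    """c = Round(h*r): centered coefficients rounded to the nearest multiple of 3."""
    hr = [center(y, Q) for y in poly_mul(r, h, Q)]
    return [x - center(x, 3) for x in hr]


def decrypt(c, f, ginv3):
    """3fc = gr + 3fm exactly (|coeffs| <= 8W < Q/2, so no wrap), then mod 3, times 1/g."""
    e = [center(center(x, Q), 3) for x in poly_mul([3 * x for x in f], c, Q)]
    return [center(x, 3) for x in poly_mul(e, ginv3, 3)]


def encode(poly, mod):
    """Fixed-width serialization: an assumption of this example, not sntrup761's packed encoding."""
    width = 1 if mod < 256 else 2
    return b"".join((x % mod).to_bytes(width, "big") for x in poly)


def decode(data, mod):
    width = 1 if mod < 256 else 2
    return [center(int.from_bytes(data[i:i + width], "big"), mod) for i in range(0, len(data), width)]


def shared_key(r, c):
    """Session key from (r, c); simplified stand-in for sntrup761's session hash."""
    return hashlib.sha512(b"sntrup-demo" + encode(r, 3) + encode(c, Q)).digest()[:32]


def encap(h, rng):
    r = random_short(rng)
    c = encrypt(r, h)
    return c, shared_key(r, c)


def decap(c, sk, h):
    """Weight check plus re-encryption; a mangled ciphertext yields None here
    (sntrup761 proper returns a pseudorandom key instead: implicit rejection)."""
    f, ginv3 = sk
    r = decrypt(c, f, ginv3)
    if sum(abs(x) for x in r) != W or encrypt(r, h) != c:
        return None
    return shared_key(r, c)


def tls13_kem_handshake(rng):
    """KEM in TLS 1.3: KEM public key in the ClientHello key_share, ciphertext in the
    ServerHello key_share.  Only an HKDF-Extract step of the key schedule is shown."""
    h, sk = keygen(rng)                                      # client
    client_key_share = encode(h, Q)                          # ClientHello
    c, ss_server = encap(decode(client_key_share, Q), rng)   # server
    server_key_share = encode(c, Q)                          # ServerHello
    ss_client = decap(decode(server_key_share, Q), sk, h)    # client
    if ss_client is None:
        raise ValueError("decapsulation failed")
    hs = lambda ss: hmac.new(b"\0" * 32, ss, hashlib.sha256).digest()  # simplified key schedule
    return {"client": hs(ss_client), "server": hs(ss_server),
            "traffic_bytes": len(client_key_share) + len(server_key_share)}


if __name__ == "__main__":
    out = tls13_kem_handshake(random.Random(2020))
    print("handshake secrets match:", out["client"] == out["server"], "traffic:", out["traffic_bytes"])
```

Two caveats for anyone reading this against the table below. First, the Euclidean inversion here is variable-time and branches on secret coefficients; libsntrup761's speed record is for a constant-time inversion, and a timing-leaky keygen is exactly what must not ship. Second, the traffic figure printed here uses two bytes per coefficient (1522 bytes each way), whereas the byte counts on this page come from sntrup761's packed encodings (1158-byte public key, 1039-byte ciphertext), which this example does not implement.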
The following table shows the performance details. All cycle counts are Haswell cycles; the 166000 is the new key-generation speed.

|                                | ntruhrss701 (CECPQ2)       | sntrup761 (OpenSSLNTRU)    |
|--------------------------------|----------------------------|----------------------------|
| key+ciphertext traffic         | 2276 bytes (1138 + 1138)   | 2197 bytes (1158 + 1039)   |
| keygen time                    | 272028 cycles              | 166000 cycles              |
| enc time                       | 26116 cycles               | 48780 cycles               |
| dec time                       | 63632 cycles               | 59120 cycles               |
| keygen+enc+dec time            | 361776 cycles              | 273900 cycles              |
| post-quantum Core-SVP security | 2^125                      | 2^139                      |
Contributors (alphabetical order)
- Daniel J. Bernstein, University of Illinois at Chicago, USA; Ruhr University Bochum, Germany
- Billy Bob Brumley, Tampere University, Finland
- Ming-Shing Chen, Ruhr University Bochum, Germany
- Nicola Tuveri, Tampere University, Finland
This work was supported by the Cisco University Research Program under the "Post-quantum networking" project.
This work was supported by the U.S. National Science Foundation under grant 1913167. "Any opinions, findings, and conclusions or recommendations expressed in this material are those of the author(s) and do not necessarily reflect the views of the National Science Foundation."
This project has received funding from the European Research Council (ERC) under the European Union's Horizon 2020 research and innovation programme (grant agreement No 804476).
Version: This is version 2020.09.28 of the "Intro" web page.