Question about using quantum algorithms from liboqs

[NovakovicA]

Hello,

The question might be stupid, in which case I apologise in advance.

Is there a way to use quantum algorithms (NTRU, FrodoKEM etc) within this OpenSSL fork as you would, for instance, use AES, RSA and other algorithms from OpenSSL (non-related to TLS), having both quantum and non-quantum algorithms within the same library? It's my first time looking at the OpenSSL code so I might have missed some documentation files related to this. Any help pointing me out to the right direction/needed documentation is greatly appreciated.

[baentsch]

Well,Yes and No: It depends on the algorithm family: The quantum-safe key exchange algorithms can be used as-is exactly only as intended, i.e., as KEX algorithms, not as plain streaming ciphers (like say AES). The QS signature algorithms in turn work pretty much identical to classic signature algorithms (without the need to use a digest before feeding them, although that still can be done), e.g., see the CMS example.

[baentsch]

Sure -- you then want to use liboqs. Example KEM code here.

[NovakovicA]

Oh okay, thought so, but I guessed there was maybe a better way. Thank you!

[baentsch]

there was maybe a better way.

In which way better? That code allows you to call and run any QSC KEM via C.

[NovakovicA]

I was thinking of using the OpenSSL EVP functions with these algorithms.

[baentsch]

I was thinking of using the OpenSSL EVP functions with these algorithms.

Why? Whatever, I'm not entirely sure that that's possible in OQS-OpenSSL(1.1.1). But it's certain to work using oqs-provider in OpenSSL3: The OpenSSL3 TLS logic consumes all crypto functionality via the EVP API and any provider, incl. oqs-provider, is plugged underneath that interface.