Paper 2016/1017

Post-Quantum Key Exchange for the Internet and the Open Quantum Safe Project

Douglas Stebila and Michele Mosca


Designing public key cryptosystems that resist attacks by quantum computers is an important area of current cryptographic research and standardization. To retain confidentiality of today's communications against future quantum computers, applications and protocols must begin exploring the use of quantum-resistant key exchange and encryption. In this paper, we explore post-quantum cryptography in general and key exchange specifically. We review two protocols for quantum-resistant key exchange based on lattice problems: BCNS15, based on the ring learning with errors problem, and Frodo, based on the learning with errors problem. We discuss their security and performance characteristics, both on their own and in the context of the Transport Layer Security (TLS) protocol. We introduce the Open Quantum Safe project, an open-source software project for prototyping quantum-resistant cryptography, which includes liboqs, a C library of quantum-resistant algorithms, and our integrations of liboqs into popular open-source applications and protocols, including the widely used OpenSSL library.

Note: Based on the Stafford Tavares Invited Lecture at Selected Areas in Cryptography (SAC) 2016 by D. Stebila. References and related work updated July 28, 2017.

Available format(s)
Publication info
Published elsewhere. Selected Areas in Cryptography (SAC) 2016; invited paper
post-quantum cryptographykey exchangeimplementationSSLTLS
Contact author(s)
stebilad @ mcmaster ca
2017-07-28: revised
2016-10-27: received
See all versions
Short URL
Creative Commons Attribution


      author = {Douglas Stebila and Michele Mosca},
      title = {Post-Quantum Key Exchange for the Internet and the Open Quantum Safe Project},
      howpublished = {Cryptology ePrint Archive, Paper 2016/1017},
      year = {2016},
      note = {\url{}},
      url = {}
Note: In order to protect the privacy of readers, does not use cookies or embedded third party content.