Caution
This project is currently in development and not yet ready for production use.
Expect changes to occur from time to time, and at this stage, some features may be unavailable.
Table of Contents
aurora provides a framework to build
OpenSSL Providers
tailored for the transition to post-quantum cryptography.
aurora showcases an approach we call "shallow loadable modules",
to enhance cryptographic agility
in order to adapt to the rapidly evolving ecosystem
of PQC algorithms and implementations:
- shallow: refers to the fact that we do not embed the cryptographic implementation within the Provider itself, but rather we depend on external implementations and provide decoupling between the OpenSSL library and your selection of external implementations;
- loadable modules: highlights that our design aims to produce modules that can be loaded at runtime into OpenSSL, to provide the desired functionality as needed, and seamlessly for OpenSSL and applications running on top of it.
While we do not tightly couple with specific implementation choices,
at the moment we support a limited selection of algorithms
and external implementations through our Adapters.
The current supported algorithms are summarized in the following tables.
Note
Future updates to aurora will expand its support for additional PQC algorithms and other external implementations.
| Algorithm | Adapter | PQ/T Hybrid |
|---|---|---|
| X25519MLKEM768 | libcrux | ✅ |
| SecP256r1MLKEM768 | libcrux | ✅ |
| X25519MLKEM768Draft00 ( |
libcrux_draft | ✅ |
| Algorithm | Adapter |
|---|---|
| ML-DSA-65 ( |
pending |
See the open issues for a list of proposed features (and known issues).
- Top Feature Requests (Add your votes using the 👍 reaction)
- Top Bugs (Add your votes using the 👍 reaction)
- Newest Bugs
Reach out to the maintainers at one of the following places:
- GitHub issues
- security@romen.dev to disclose security issues according to our security documentation.
- coc@romen.dev to report violations of our Code of Conduct.
- Details about the GPG keys to encrypt reports are included in our security documentation.
If you want to say thank you or/and support active development:
- Add a GitHub Star to the project.
- Mention this project on your social media of choice.
- Write interesting articles about the project, and cite us.
Together, we can make Aurora better!
The GitHub repository primarily serves as a mirror, and will be updated every time a new version is released. It might not always be updated with the latest commits in between releases. However, contributions are still very welcome!
Please read our contribution guidelines, and thank you for being involved!
The original setup of this repository is by NISEC.
For a full list of all authors and contributors, see the contributors page.
In this project, we aim to follow good security practices, but 100% security cannot be assured. This crate is provided "as is" without any warranty. Use at your own risk.
For more information and to report security issues, please refer to our security documentation.
This project is licensed under the Apache Software License 2.0.
See LICENSE for more information.
This work has been developed within the QUBIP project (https://www.qubip.eu), funded by the European Union under the Horizon Europe framework programme grant agreement no. 101119746.