OpenSSL 3.5.0 now contains post-quantum procedures

In order to avoid being at the mercy of attacks from large quantum computers in the future, many libraries are adding post-quantum procedures. This includes OpenSSL, which announced in September 2024 that it would implement the newly standardized post-quantum methods in the near future. This has now happened: With the new version 3.5.0, OpenSSL supports the ML-KEM, ML-DSA and SLH-DSA methods.

PQC methods at a glance

The procedures are the result of a selection process launched by the US standardization authority NIST (National Institute of Standards and Technology) in 2016. This resulted in three standards in 2024: FIPS-203, FIPS-204 and FIPS-205. German researchers were involved in many of the submitted procedures.

FIPS-203 is based on the asymmetric Kyber algorithm (now called ML-KEM for short, formerly CRYSTALS-Kyber), which is intended to replace traditional key exchange procedures such as RSA or ECDSA in the future. FIPS-204 is based on the dilithium algorithm (ML-DSA, formerly CRYSTALS-Dilithium) and is used for digital signatures. As an alternative to ML-DSA, the NIST standardized Sphincs+ (SLH-DSA) with FIPS-205.

New version 3.5.0 is an LTS

Apart from the implementation of the PQC procedures, OpenSSL classified all functions of BIO_meth_get_*() as deprecated with version 3.5.0. In addition, the symmetric method aes-256-cbc now replaces des-ede3-cbc as the standard for the commands req, cms and smime. All other changes are documented in the release notes on GitHub.

The version released on April 8, 2025 is also an LTS (long term stable) and will be provided with updates for five years until April 8, 2030. The next version 3.6 is scheduled for release in October 2025.

(wid)