A little while ago, we wrote a blog post (https://www.wolfssl.com/nsa-announces-cnsa-suite-2-0/) and did a webinar (https://www.youtube.com/watch?v=IiykMe-pjqo) about the CNSA 2.0 announcement(https://media.defense.gov/2022/Sep/07/2003071834/-1/-1/0/CSA_CNSA_2.0_ALGORITHMS_.PDF). It discusses the need for preparing to use post-quantum algorithms. For signature schemes, it specifies Dilithium Level 5 as a good general purpose algorithm and LMS and XMSS as being good for signing software and firmware updates.
Here at wolfSSL, plans are underway to make our wolfBoot product use post-quantum algorithms to sign the image updates. Whether we start with Dilithium Level 5, LMS or XMSS is up in the air. On the one hand, the time lines as prescribed in CNSA 2.0 for LMS and XMSS are accelerated. On the other hand, Dilithium is already supported through our integration with liboqs.
Want us to accelerate our plans and get them a higher priority? Have a preference for one of Dilithium, LMS or XMSS? If you have any questions or run into any issues, contact us at facts@wolfssl.com, or call us at +1 425 245 8247.