Our Post-Quantum Value Proposition

Research-focused cryptography startups deserve a lot of credit for the innovative work they do. They enrich the community and introduce solutions that may become crucial in the future. But their expertise is largely theoretical and academic, not practical and customer-aligned. wolfSSL, in contrast, is staffed by dedicated engineers with decades of experience delivering production quality solutions for critical infrastructure, crafting performant and portable code, often on short notice, for dozens of commercially significant architectures.

Given these hard-won advantages at wolfSSL, some cryptography providers have tried to differentiate themselves with custom hardware, promising a performance boost. Let’s test that proposition with a look at performance on lattice cryptography. The software implementation we’ll show is wolfSSL software production release 5.7.6, throughput per core on a commodity high performance CPU, in this case an AMD 7960X. The hardware-accelerated implementation we’ll show is PQShield’s PQPerform-Lattice, in a pre-production realization on Xilinx Zynq UltraScale+ at 322 MHz (see https://doi.org/10.1145/3689939.3695785).

| Algorithm | Key size | Operation | wolfSSL ops/sec | wolfSSL cycles/op | PQShield ops/sec | PQShield cycles/op |
|---|---|---|---|---|---|---|
| KYBER512 | 128 | key gen | 422907 | 9955.0 | 140000 | 2300 |
| KYBER512 | 128 | encap | 231528 | 18184.5 | 100625 | 3200 |
| KYBER512 | 128 | decap | 230252 | 18225.0 | 68511 | 4700 |

Even when application-specific proprietary silicon has a performance advantage–which PQShield’s pre-production FPGA realization does not–it complicates platform design and production timelines, introduces supply-chain vulnerabilities, increases BoM expenses, and complicates parallelization. And crucially, it restricts crypto-agility, given hardware resources that are specific to a narrow class of cryptographic algorithm. This matters. It is widely acknowledged that Kyber/ML-KEM is based on a fairly new and under-studied body of mathematics, and further investigation may yet uncover a fatal flaw in this, or any of the other novel algorithms working their way through the standards-making process.

wolfSSL demonstrates superior performance with an open source software solution, without tying your design to a particular class of cryptographic algorithm. Indeed, our latest software implementation of ML-KEM is even faster than pre-standardization Kyber, attaining well over 300k encapsulation and decapsulation ops/s per core on the CPU shown above.

When you work with wolfSSL, your priorities become our priorities. We have always focused our resources on development, guided and enabled by our proud history of organic growth and customer-centric philosophy.

We provide the best tested code, worldwide 24×7 technical support that is second to none, and on-site interactions to ensure your goals are met. Our technical prowess and decades of experience let us operate across the whole spectrum of runtimes, from bare metal microcontrollers to data center big iron, with hand-crafted assembly optimizations fully leveraging vector instruction extensions.

Beyond the technical dimension, the professionals at wolfSSL focus on making sure you fully understand your options for licensing, support, and consulting, tailoring plans for your specific requirements and preferences. We draw up NDAs, SOWs and legal contracts so that you as a business have everything you need to secure your operational necessities.

Our team will see your project through, not only to delivery, but for the entire lifecycle after delivery. We are your reliable partner through the entire process, laser-focused on delivered results. This is what we do, and we do it better than anyone. This makes wolfSSL your ideal partner as you embark on the transition to quantum-resistant cryptography.

If you have questions about any of the above, please contact us at facts@wolfssl.com or +1 425 245 8247.

Download wolfSSL Now

Deprecation Notice: liboqs Integration

Soon wolfSSL will no longer utilize the liboqs library. This change is intended to simplify the maintenance of the wolfSSL codebase by reducing the line count.

The wolfSSL library already provides its own implementations of post-quantum algorithms, including Kyber and Dilithium. To enable these algorithms, users can simply configure wolfSSL with the following options:

--enable-kyber --enable-dilithium

Note that the --with-liboqs configure option will no longer be present.

The wolfSSL team would like to extend our gratitude to the Open Quantum Safe (OQS) team for their hard work and dedication to promoting quantum-safe cryptography. Their efforts have been invaluable to the community.

If you have any questions or concerns about this deprecation, please don’t hesitate to reach out to facts@wolfSSL.com or call us at +1 425 245 8247.


Post-Quantum CAVP Validations

Here at wolfSSL we love it when our partners achieve great things. We’d like to give a big shout out to our friends at Crypto4A for achieving a huge milestone by getting their CAVP (Cryptographic Algorithm Validation Program) validation. The details can be found here.

In summary, they got a Hardware validation for the QASM Cryptographic Module which stores, protects and manages cryptographic keys. Of very special note, their validation includes post-quantum algorithms LMS, ML-DSA, ML-KEM and SLH-DSA.

This is the same product that wolfSSL and Crypto4A used in an interoperability demonstration at the ICMC Conference in 2023. In that demonstration, the QASM signed a firmware image with LMS, and wolfBoot verified the firmware image against an LMS public key and signature and then booted the firmware. Preparations are underway for another demonstration where the QASM will be used to generate an ML-DSA certificate chain which will be used in a TLS 1.3 post-quantum connection using the wolfSSL library. The cryptographic operations will be done on an NXP iMX-93.

You can soon expect to see CAVP validation for wolfSSL’s post-quantum algorithm implementations in wolfCrypt as well. Want to see that effort accelerated and given a higher priority? Let us know and register your interest by sending a message to facts@wolfssl.com!

If you have questions about any of the above, please contact us at facts@wolfSSL.com or +1 425 245 8247.


Is post-quantum cryptography still on the roadmap?

In case you were wondering, the answer is a resounding YES!! We’ve been hard at work making post-quantum algorithms first-class citizens in our products. Have a look at the list of post-quantum related changes made in our latest release of wolfSSL 5.7.4:

  • Replaced the use of pqm4 with wolfCrypt’s implementations of Kyber (ML-KEM) and Dilithium (ML-DSA) on STM32 platforms (PR 7924)
  • Configurable support for reduced dynamic memory allocation in wolfCrypt’s Dilithium (ML-DSA) implementation (PR 7727)
  • Configurable support for Dilithium (ML-DSA) precalculated vectors (PR 7744)
  • Allow Kyber (ML-KEM) to be built with FIPS 140-3 outside the boundary (PR 7788)
  • Allow Kyber (ML-KEM) assembly optimizations to be used in the Linux kernel module (PR 7872)
  • Update Dilithium and Kyber to ML-DSA and ML-KEM (PR 7877)

As you can see, not only is post-quantum cryptography still on the roadmap, it is a priority!

If you have questions about any of the above, please contact us at facts@wolfSSL.com or +1 425 245 8247.


Accelerated Kyber (ML-KEM)

Lightning-fast Kyber (ML-KEM) implementations as specified in FIPS-203 are now here as of wolfSSL release 5.7.4:

  • ARM32 v4 to v8 base assembly instructions for Kyber (ML-KEM); PR 8040
    • Even faster NEON instructions are under development!
  • Aarch64 implementations of Kyber (ML-KEM) functions; PR 7998
  • SHA-3 assembly implementations used by Kyber (ML-KEM); PR 7998
  • ARMv7E-M/ARMv7-M assembly instructions for Kyber (ML-KEM); PR 7706

If you’re worried about the performance and speed of post-quantum Kyber (ML-KEM), you shouldn’t be! Even without these lightning-fast optimizations, ML-DSA beats ECDH. You can see our benchmarks comparing ECDH against ML-DSA on ARM Cortex M4 here. Now, we give it that extra bit of oomph that leaves our competition in the dust!

Come on out and try it for yourself!

If you have questions about any of the above, please contact us at facts@wolfSSL.com or +1 425 245 8247.
