While all RHEL 10 post-quantum cryptography (PQC) algorithms that use official names (ML-KEM, ML-DSA, SLH-DSA) follow the NIST-published standards for their implementation (FIPS 203, 204, and 205), the National Institute of Standards and Technology (NIST) standards do not specify how the algorithms are used in other protocols or file formats.
A large set of possible ways to use them have been created, but only the ones that will be standardized by IETF might be supported in future releases of RHEL.
Red Hat Enterprise Linux 10.1
The post-quantum cryptography available in RHEL 10.1 is fully supported. The implementations use IETF-defined identifiers and file formats for those algorithms.
OpenSSL
The post-quantum algorithms in OpenSSL 3.5 in RHEL 10.1 are included in the default provider. They are not included in the fips provider; as such, only the hybrid key exchange algorithms that use the FIPS-approved curves are functional when the system works in FIPS mode: the SecP256r1MLKEM768 and SecP384r1MLKEM1024.
KEM Algorithms
Signing algorithms
GnuTLS
KEM algorithms
| Algorithm name |
ASN.1 Object ID (OID) |
Standard private key file format |
Private key standard reference |
Standard public key file format |
Public key standard reference |
TLS Group ID |
Issue reference |
| GROUP-SECP256R1-MLKEM768 |
not supported |
not supported |
|
not supported |
not supported |
4587 |
|
| GROUP-SECP384R1-MLKEM1024 |
not supported |
not supported |
|
not supported |
not supported |
4589 |
|
| GROUP-X25519-MLKEM768 |
not supported |
not supported |
|
not supported |
not supported |
4588 |
|
Signing algorithms
NSS
KEM algorithms
| Algorithm name |
ASN.1 Object ID (OID) |
Standard private key file format |
Private key standard reference |
Standard public key file format |
Public key standard reference |
TLS Group ID |
Issue reference |
| secp256r1mlkem768 |
not supported |
not supported |
|
not supported |
not supported |
4587 |
|
| x25519mlkem768 |
not supported |
not supported |
|
not supported |
not supported |
4588 |
|
| secp384r1mlkem1024 |
not supported |
not supported |
|
not supported |
not supported |
4589 |
|
Signing algorithms
OpenSSH
KEM algorithms
Go
KEM algorithms
| Algorithm name |
ASN.1 Object ID (OID) |
Standard private key file format |
Private key standard reference |
Standard public key file format |
Public key standard reference |
TLS Group ID |
Issue reference |
| X25519MLKEM768 |
not supported |
not supported |
|
not supported |
not supported |
4588 |
|
Red Hat Enterprise Linux 10.0
In RHEL 10.0 support for post-quantum cryptography is present as Technology Preview. In particular, the set of supported algorithms and the file formats used by those implementations are not standard.
OpenSSL oqsprovider
The post-quantum algorithms in OpenSSL in RHEL 10.0 are provided through the oqsprovider package. An installation of the oqsprovider package automatically enables the open quantum-safe provider for OpenSSL (oqsprovider) and the use of the PQC algorithms implemented in the provider.
The OQS provider (oqsprovider-0.8.0-5.el10) implements the ML-KEM (Module-Lattice-Based Key-Encapsulation Mechanism) and ML-DSA (Module-Lattice-Based Digital Signature Algorithm) NIST standards. The package provides an early draft version of SLH-DSA (Stateless Hash-Based Digital Signature), the SPHINCS+ algorithm, which will not be supported in the future.
The OQS provider implements many algorithms, especially hybrids, that will not be supported in future RHEL releases.
KEM algorithms
| Algorithm name |
ASN.1 Object ID (OID) |
Standard private key file format |
Private key standard reference |
Standard public key file format |
Public key standard reference |
TLS Group ID |
Issue reference |
| mlkem512 |
2.16.840.1.101.3.4.4.1 |
no |
oqsprovider-specific |
yes |
draft-ietf-lamps-kyber-certificates-10 |
not supported |
RHEL-72719 |
| p256_mlkem512 |
1.3.6.1.4.1.22554.5.7.1 |
no |
oqsprovider-specific |
no |
oqsprovider-specific |
not supported |
|
| x25519_mlkem512 |
1.3.6.1.4.1.22554.5.8.1 |
no |
oqsprovider-specific |
no |
oqsprovider-specific |
not supported |
|
| mlkem768 |
2.16.840.1.101.3.4.4.2 |
no |
oqsprovider-specific |
yes |
draft-ietf-lamps-kyber-certificates-10 |
not supported |
RHEL-72719 |
| p384_mlkem768 |
not supported |
not supported |
|
not supported |
|
not supported |
|
| x448_mlkem768 |
not supported |
not supported |
|
not supported |
|
not supported |
|
| X25519MLKEM768 |
not supported |
not supported |
|
not supported |
|
4588 |
|
| SecP256r1MLKEM768 |
not supported |
not supported |
|
not supported |
|
4587 |
|
| mlkem1024 |
2.16.840.1.101.3.4.4.3 |
no |
oqsprovider-specific |
yes |
draft-ietf-lamps-kyber-certificates-10 |
not supported |
RHEL-72719 |
| p521_mlkem1024 |
not supported |
not supported |
|
not supported |
|
not supported |
|
| SecP384r1MLKEM1024 |
1.3.6.1.4.1.42235.6 |
no |
oqsprovider-specific |
no |
oqsprovider-specific |
4589 |
|
Signing algorithms
| Algorithm name |
ASN.1 Object ID (OID) |
Standard private key file format |
Private key standard reference |
Standard public key file format |
Public key standard reference |
TLS SignatureScheme ID |
Issue reference |
| mldsa44 |
2.16.840.1.101.3.4.3.17 |
no |
oqsprovider-specific |
yes |
draft-ietf-lamps-dilithium-certificates-08 |
0x0904 |
|
| p256_mldsa44 |
1.3.9999.7.5 |
no |
oqsprovider-specific |
no |
oqsprovider-specific |
0xff06 |
|
| rsa3072_mldsa44 |
1.3.9999.7.6 |
no |
oqsprovider-specific |
no |
oqsprovider-specific |
0xff07 |
|
| mldsa44_pss2048 |
2.16.840.1.114027.80.8.1.1 |
no |
oqsprovider-specific |
no |
oqsprovider-specific |
0x090f |
|
| mldsa44_rsa2048 |
2.16.840.1.114027.80.8.1.2 |
no |
oqsprovider-specific |
no |
oqsprovider-specific |
0x090c |
|
| mldsa44_ed25519 |
2.16.840.1.114027.80.8.1.3 |
no |
oqsprovider-specific |
no |
oqsprovider-specific |
0x090a |
|
| mldsa44_p256 |
2.16.840.1.114027.80.8.1.4 |
no |
oqsprovider-specific |
no |
oqsprovider-specific |
0x0907 |
|
| mldsa44_bp256 |
2.16.840.1.114027.80.8.1.5 |
no |
oqsprovider-specific |
no |
oqsprovider-specific |
0xfee5 |
|
| mldsa65 |
2.16.840.1.101.3.4.3.18 |
no |
oqsprovider-specific |
yes |
draft-ietf-lamps-dilithium-certificates-08 |
0x0905 |
|
| p384_mldsa65 |
1.3.9999.7.7 |
no |
oqsprovider-specific |
no |
oqsprovider-specific |
0xff08 |
|
| mldsa65_pss3072 |
2.16.840.1.114027.80.8.1.6 |
no |
oqsprovider-specific |
no |
oqsprovider-specific |
0x0910 |
|
| mldsa65_rsa3072 |
2.16.840.1.114027.80.8.1.7 |
no |
oqsprovider-specific |
no |
oqsprovider-specific |
0x090d |
|
| mldsa65_p256 |
2.16.840.1.114027.80.8.1.8 |
no |
oqsprovider-specific |
no |
oqsprovider-specific |
0x0908 |
|
| mldsa65_bp256 |
2.16.840.1.114027.80.8.1.9 |
no |
oqsprovider-specific |
no |
oqsprovider-specific |
0xfee9 |
|
| mldsa65_ed25519 |
2.16.840.1.114027.80.8.1.10 |
no |
oqsprovider-specific |
no |
oqsprovider-specific |
0x090b |
|
| mldsa87 |
2.16.840.1.101.3.4.3.19 |
no |
oqsprovider-specific |
yes |
draft-ietf-lamps-dilithium-certificates-08 |
0x0906 |
|
| p521_mldsa87 |
1.3.9999.7.8 |
no |
oqsprovider-specific |
no |
oqsprovider-specific |
0xff09 |
|
| mldsa87_p384 |
2.16.840.1.114027.80.8.1.11 |
no |
oqsprovider-specific |
no |
oqsprovider-specific |
0x0909 |
|
| mldsa87_bp384 |
2.16.840.1.114027.80.8.1.12 |
no |
oqsprovider-specific |
no |
oqsprovider-specific |
0xfeec |
|
| mldsa87_ed448 |
2.16.840.1.114027.80.8.1.13 |
no |
oqsprovider-specific |
no |
oqsprovider-specific |
0x0912 |
|
| sphincssha2128fsimple |
1.3.9999.6.4.13 |
no |
oqsprovider-specific |
no |
oqsprovider-specific |
0xfeb3 |
|
| p256_sphincssha2128fsimple |
1.3.9999.6.4.14 |
no |
oqsprovider-specific |
no |
oqsprovider-specific |
0xfeb4 |
|
| rsa3072_sphincssha2128fsimple |
1.3.9999.6.4.15 |
no |
oqsprovider-specific |
no |
oqsprovider-specific |
0xfeb5 |
|
| sphincssha2128ssimple |
1.3.9999.6.4.16 |
no |
oqsprovider-specific |
no |
oqsprovider-specific |
0xfeb6 |
|
| p256_sphincssha2128ssimple |
1.3.9999.6.4.17 |
no |
oqsprovider-specific |
no |
oqsprovider-specific |
0xfeb7 |
|
| rsa3072_sphincssha2128ssimple |
1.3.9999.6.4.18 |
no |
oqsprovider-specific |
no |
oqsprovider-specific |
0xfeb8 |
|
| sphincssha2192fsimple |
1.3.9999.6.5.10 |
no |
oqsprovider-specific |
no |
oqsprovider-specific |
0xfeb9 |
|
| p384_sphincssha2192fsimple |
1.3.9999.6.5.11 |
no |
oqsprovider-specific |
no |
oqsprovider-specific |
0xfeba |
|
| sphincsshake128fsimple |
1.3.9999.6.7.13 |
no |
oqsprovider-specific |
no |
oqsprovider-specific |
0xfec2 |
|
| p256_sphincsshake128fsimple |
1.3.9999.6.7.14 |
no |
oqsprovider-specific |
no |
oqsprovider-specific |
0xfec3 |
|
| rsa3072_sphincsshake128fsimple |
1.3.9999.6.7.15 |
no |
oqsprovider-specific |
no |
oqsprovider-specific |
0xfec4 |
|
GnuTLS
KEM algorithms
| Algorithm name |
ASN.1 Object ID (OID) |
Standard private key file format |
Private key standard reference |
Standard public key file format |
Public key standard reference |
TLS Group ID |
Issue reference |
| GROUP-SECP256R1-MLKEM768 |
not supported |
not supported |
|
not supported |
not supported |
4587 |
|
| GROUP-SECP384R1-MLKEM1024 |
not supported |
not supported |
|
not supported |
not supported |
4589 |
|
| GROUP-X25519-MLKEM768 |
not supported |
not supported |
|
not supported |
not supported |
4588 |
|
Signing algorithms
NSS
KEM algorithms
| Algorithm name |
ASN.1 Object ID (OID) |
Standard private key file format |
Private key standard reference |
Standard public key file format |
Public key standard reference |
TLS Group ID |
Issue reference |
| mlkem768secp256r1 |
not supported |
not supported |
|
not supported |
not supported |
4587 |
|
| mlkem768x25519 |
not supported |
not supported |
|
not supported |
not supported |
4588 |
|
OpenSSH
KEM algorithms
Go
The Go toolset supports only one, very early, draft of post-quantum key exchange in TLS. It is not supported by any other library in RHEL 10, and it will not be supported in the future.
KEM algorithms
| Algorithm name |
ASN.1 Object ID (OID) |
Standard private key file format |
Private key standard reference |
Standard public key file format |
Public key standard reference |
TLS Group ID |
Issue reference |
| x25519Kyber768Draft00 |
not supported |
not supported |
|
not supported |
not supported |
25497 |
|
Additional resources
NIST FIPS 203: Module-Lattice-Based Key-Encapsulation Mechanism Standard
NIST FIPS 204: Module-Lattice-Based Digital Signature Standard
NIST FIPS 205: Stateless Hash-Based Digital Signature Standard
Comments