Interoperability of RHEL 10 post-quantum cryptography
While all RHEL 10 post-quantum cryptography (PQC) algorithms that use official names (ML-KEM, ML-DSA) follow the NIST-published standards for their implementation (FIPS 203 and 204), the National Institute of Standards and Technology (NIST) standards do not specify how the algorithms are used in other protocols or file formats.
A large set of possible ways to use them have been created, but only the ones that will be standardized by IETF may be supported in future releases of RHEL.
None of the listed post-quantum algorithms or algorithm combinations is guaranteed to be supported long term in Red Hat Enterprise Linux.
OpenSSL oqsprovider
The post-quantum algorithms in OpenSSL in RHEL 10.0 are provided through the oqsprovider package. An installation of the oqsprovider package automatically enables the open quantum-safe provider for OpenSSL (oqsprovider) and the use of the PQC algorithms implemented in the provider.
The OQS provider (oqsprovider-0.8.0-5.el10) implements the ML-KEM (Module-Lattice-Based Key-Encapsulation Mechanism) and ML-DSA (Module-Lattice-Based Digital Signature Algorithm) NIST standards. The package provides an early draft version of SLH-DSA (Stateless Hash-Based Digital Signature), the SPHINCS+ algorithm, which will not be supported in the future.
The OQS provider implements many algorithms, especially hybrids, that will not be supported in future RHEL releases.
KEM algorithms
| Algorithm name | ASN.1 Object ID (OID) | Standard private key file format | Private key standard reference | Standard public key file format | Public key standard reference | TLS Group ID | Issue reference |
|---|---|---|---|---|---|---|---|
| mlkem512 | 2.16.840.1.101.3.4.4.1 | no | oqsprovider-specific | yes | draft-ietf-lamps-kyber-certificates-10 | not supported | RHEL-72719 |
| p256_mlkem512 | 1.3.6.1.4.1.22554.5.7.1 | no | oqsprovider-specific | no | oqsprovider-specific | not supported | |
| x25519_mlkem512 | 1.3.6.1.4.1.22554.5.8.1 | no | oqsprovider-specific | no | oqsprovider-specific | not supported | |
| mlkem768 | 2.16.840.1.101.3.4.4.2 | no | oqsprovider-specific | yes | draft-ietf-lamps-kyber-certificates-10 | not supported | RHEL-72719 |
| p384_mlkem768 | not supported | not supported | not supported | not supported | |||
| x448_mlkem768 | not supported | not supported | not supported | not supported | |||
| X25519MLKEM768 | not supported | not supported | not supported | 4588 | |||
| SecP256r1MLKEM768 | not supported | not supported | not supported | 4587 | |||
| mlkem1024 | 2.16.840.1.101.3.4.4.3 | no | oqsprovider-specific | yes | draft-ietf-lamps-kyber-certificates-10 | not supported | RHEL-72719 |
| p521_mlkem1024 | not supported | not supported | not supported | not supported | |||
| SecP384r1MLKEM1024 | 1.3.6.1.4.1.42235.6 | no | oqsprovider-specific | no | oqsprovider-specific | 4589 |
Signing algorithms
| Algorithm name | ASN.1 Object ID (OID) | Standard private key file format | Private key standard reference | Standard public key file format | Public key standard reference | TLS SignatureScheme ID | Issue reference |
|---|---|---|---|---|---|---|---|
| mldsa44 | 2.16.840.1.101.3.4.3.17 | no | oqsprovider-specific | yes | draft-ietf-lamps-dilithium-certificates-08 | 0x0904 | |
| p256_mldsa44 | 1.3.9999.7.5 | no | oqsprovider-specific | no | oqsprovider-specific | 0xff06 | |
| rsa3072_mldsa44 | 1.3.9999.7.6 | no | oqsprovider-specific | no | oqsprovider-specific | 0xff07 | |
| mldsa44_pss2048 | 2.16.840.1.114027.80.8.1.1 | no | oqsprovider-specific | no | oqsprovider-specific | 0x090f | |
| mldsa44_rsa2048 | 2.16.840.1.114027.80.8.1.2 | no | oqsprovider-specific | no | oqsprovider-specific | 0x090c | |
| mldsa44_ed25519 | 2.16.840.1.114027.80.8.1.3 | no | oqsprovider-specific | no | oqsprovider-specific | 0x090a | |
| mldsa44_p256 | 2.16.840.1.114027.80.8.1.4 | no | oqsprovider-specific | no | oqsprovider-specific | 0x0907 | |
| mldsa44_bp256 | 2.16.840.1.114027.80.8.1.5 | no | oqsprovider-specific | no | oqsprovider-specific | 0xfee5 | |
| mldsa65 | 2.16.840.1.101.3.4.3.18 | no | oqsprovider-specific | yes | draft-ietf-lamps-dilithium-certificates-08 | 0x0905 | |
| p384_mldsa65 | 1.3.9999.7.7 | no | oqsprovider-specific | no | oqsprovider-specific | 0xff08 | |
| mldsa65_pss3072 | 2.16.840.1.114027.80.8.1.6 | no | oqsprovider-specific | no | oqsprovider-specific | 0x0910 | |
| mldsa65_rsa3072 | 2.16.840.1.114027.80.8.1.7 | no | oqsprovider-specific | no | oqsprovider-specific | 0x090d | |
| mldsa65_p256 | 2.16.840.1.114027.80.8.1.8 | no | oqsprovider-specific | no | oqsprovider-specific | 0x0908 | |
| mldsa65_bp256 | 2.16.840.1.114027.80.8.1.9 | no | oqsprovider-specific | no | oqsprovider-specific | 0xfee9 | |
| mldsa65_ed25519 | 2.16.840.1.114027.80.8.1.10 | no | oqsprovider-specific | no | oqsprovider-specific | 0x090b | |
| mldsa87 | 2.16.840.1.101.3.4.3.19 | no | oqsprovider-specific | yes | draft-ietf-lamps-dilithium-certificates-08 | 0x0906 | |
| p521_mldsa87 | 1.3.9999.7.8 | no | oqsprovider-specific | no | oqsprovider-specific | 0xff09 | |
| mldsa87_p384 | 2.16.840.1.114027.80.8.1.11 | no | oqsprovider-specific | no | oqsprovider-specific | 0x0909 | |
| mldsa87_bp384 | 2.16.840.1.114027.80.8.1.12 | no | oqsprovider-specific | no | oqsprovider-specific | 0xfeec | |
| mldsa87_ed448 | 2.16.840.1.114027.80.8.1.13 | no | oqsprovider-specific | no | oqsprovider-specific | 0x0912 | |
| sphincssha2128fsimple | 1.3.9999.6.4.13 | no | oqsprovider-specific | no | oqsprovider-specific | 0xfeb3 | |
| p256_sphincssha2128fsimple | 1.3.9999.6.4.14 | no | oqsprovider-specific | no | oqsprovider-specific | 0xfeb4 | |
| rsa3072_sphincssha2128fsimple | 1.3.9999.6.4.15 | no | oqsprovider-specific | no | oqsprovider-specific | 0xfeb5 | |
| sphincssha2128ssimple | 1.3.9999.6.4.16 | no | oqsprovider-specific | no | oqsprovider-specific | 0xfeb6 | |
| p256_sphincssha2128ssimple | 1.3.9999.6.4.17 | no | oqsprovider-specific | no | oqsprovider-specific | 0xfeb7 | |
| rsa3072_sphincssha2128ssimple | 1.3.9999.6.4.18 | no | oqsprovider-specific | no | oqsprovider-specific | 0xfeb8 | |
| sphincssha2192fsimple | 1.3.9999.6.5.10 | no | oqsprovider-specific | no | oqsprovider-specific | 0xfeb9 | |
| p384_sphincssha2192fsimple | 1.3.9999.6.5.11 | no | oqsprovider-specific | no | oqsprovider-specific | 0xfeba | |
| sphincsshake128fsimple | 1.3.9999.6.7.13 | no | oqsprovider-specific | no | oqsprovider-specific | 0xfec2 | |
| p256_sphincsshake128fsimple | 1.3.9999.6.7.14 | no | oqsprovider-specific | no | oqsprovider-specific | 0xfec3 | |
| rsa3072_sphincsshake128fsimple | 1.3.9999.6.7.15 | no | oqsprovider-specific | no | oqsprovider-specific | 0xfec4 |
GnuTLS
KEM algorithms
| Algorithm name | ASN.1 Object ID (OID) | Standard private key file format | Private key standard reference | Standard public key file format | Public key standard reference | TLS Group ID | Issue reference |
|---|---|---|---|---|---|---|---|
| GROUP-SECP256R1-MLKEM768 | not supported | not supported | not supported | not supported | 4587 | ||
| GROUP-SECP384R1-MLKEM1024 | not supported | not supported | not supported | not supported | 4589 | ||
| GROUP-X25519-MLKEM768 | not supported | not supported | not supported | not supported | 4588 |
Signing algorithms
| Algorithm name | ASN.1 Object ID (OID) | Standard private key file format | Private key standard reference | Standard public key file format | Public key standard reference | TLS SignatureScheme ID | Issue reference |
|---|---|---|---|---|---|---|---|
| mldsa44 | 2.16.840.1.101.3.4.3.17 | no | oqsprovider-specific | yes | draft-ietf-lamps-dilithium-certificates-08 | not supported | RHEL-64740, RHEL-85829 |
| mldsa65 | 2.16.840.1.101.3.4.3.18 | no | oqsprovider-specific | yes | draft-ietf-lamps-dilithium-certificates-08 | not supported | RHEL-64740, RHEL-85829 |
| mldsa87 | 2.16.840.1.101.3.4.3.19 | no | oqsprovider-specific | yes | draft-ietf-lamps-dilithium-certificates-08 | not supported | RHEL-64740, RHEL-85829 |
NSS
KEM algorithms
| Algorithm name | ASN.1 Object ID (OID) | Standard private key file format | Private key standard reference | Standard public key file format | Public key standard reference | TLS Group ID | Issue reference |
|---|---|---|---|---|---|---|---|
| mlkem768secp256r1 | not supported | not supported | not supported | not supported | 4587 | ||
| mlkem768x25519 | not supported | not supported | not supported | not supported | 4588 |
OpenSSH
KEM algorithms
| Algorithm name | Standard reference | Issue reference |
|---|---|---|
| sntrup761x25519-sha512 | draft-ietf-sshm-ntruprime-ssh-02 | |
| sntrup761x25519-sha512@openssh.com | draft-ietf-sshm-ntruprime-ssh-02 | |
| mlkem768x25519-sha256 | draft-ietf-sshm-mlkem-hybrid-kex-02 |
Go
The Go toolset supports only one, very early, draft of post-quantum key exchange in TLS. It is not supported by any other library in RHEL 10, and it will not be supported in the future.
KEM algorithms
| Algorithm name | ASN.1 Object ID (OID) | Standard private key file format | Private key standard reference | Standard public key file format | Public key standard reference | TLS Group ID | Issue reference |
|---|---|---|---|---|---|---|---|
| x25519Kyber768Draft00 | not supported | not supported | not supported | not supported | 25497 |
Additional resources
NIST FIPS 203: Module-Lattice-Based Key-Encapsulation Mechanism Standard
NIST FIPS 204: Module-Lattice-Based Digital Signature Standard
NIST FIPS 205: Stateless Hash-Based Digital Signature Standard
Comments