The OpenSSL Project usually makes the news when a vulnerability has been discovered or resolved. However, the team behind the OpenSSL library for encrypting internet connections is now taking proactive measures: quantum-proof encryption is included in the latest beta version.
The release in question is the public beta of OpenSSL 3.5. While earlier encryption for internet connections could theoretically be cracked in no time at all by a quantum computer, this should not be the case for the newly supported encryption. New in this release, for example, is support for the QUIC protocol (Quick UDP Internet Connection), ML-KEM, ML-DSA and SLH-DSA.
These three (ML-KEM, ML-DSA, SLH-DSA) form a kind of three-stage rocket for the new quantum-safe internet. ML-KEM, according to NIST, is intended as a replacement for the Advanced Encryption Standard (AES), which appears in various forms in everything from Wi-Fi to Google Cloud and from password managers to the American government. Big shoes to fill, then. ML-DSA is recommended as the new standard for digital signatures and SLH-DSA is an alternative.
On top of FIPS 140-3 validation
Earlier this month, it emerged that OpenSSL had already achieved FIPS 140-3 validation with version 3.1.2. Under this approval, organizations can use the OpenSSL library to secure internet connections until at least March 10, 2030.
However, in order to meet all requirements after that time, heavier artillery may be needed when it comes to encryption. Although the actual arrival of a quantum computer is anyone’s guess, IBM believes we should expect one in the early 2030s. Microsoft, Google and AWS are also working on quantum chips that have so far been mainly proofs of concept, but promise a great deal of progress and scalability.
Quantum safe
Although ML-KEM, ML-DSA and SLH-DSA are among the approved quantum-proof encryptions, their quantum resistance is only theoretical. NIST estimates that a quantum computer, once introduced, will most likely be unable to crack these encryptions.
Eventually, OpenSSL, like other protocols and security standards, will look for new FIPS validations. With the aforementioned encryptions, FIPS 203 (ML-KEM), 204 (ML-DSA) and 205 (SLH-DSA) would be within reach.