OQS Provider Algorithm Support - crt26/pqc-evaluation-tools GitHub Wiki
Algorithm Support Summary
The majority of algorithms provided by the OQS-Provider are supported by this project for automated TLS handshake and TLS speed benchmarking. However, a few exceptions exist due to known limitations in protocol compliance or tool compatibility.
Known General Limitations
HQC and its variants are disabled by default in both Liboqs and the OQS-Provider due to their current implementations not conforming to the latest specification, which includes important security fixes. As a result, HQC algorithms are excluded from all performance benchmarking unless explicitly enabled by the user using dedicated flags during the setup process.
Known TLS Handshake Testing Limitations
Certain variations of the supported digital signature schemes are excluded from TLS handshake testing due to non-compliance with RFC 8446, which defines the specifications of the TLS 1.3 protocol. These include:
- UOV Scheme Variations
- SNOVA Scheme Variations
- CROSSrsdp256small
These schemes remain available for use in the TLS speed tests that the PQC-Evaluation-Tools provides using the OpenSSL speed tool.
Whilst a significant number of these scheme variations can not be used in TLS Handshake testing, there are the following exceptions:
| Scheme | Variations Supported for TLS Handshake Testing |
|---|---|
| UOV | OV_Ip_pkc, p256_OV_Ip_pkc, OV_Ip_pkc_skc, p256_OV_Ip_pkc_skc |
| SNOVA | snova2454, p256_snova2454, snova2454esk, p256_snova2454esk, snova37172, p256_snova37172, snova2455, p384_snova2455, snova2965, p521_snova2965 |
| CROSSrsdp | CROSSrsdp256small |
OpenSSL 3.5.0 Compatibility
With the introduction of native PQC support in OpenSSL 3.5.0, the OQS-Provider automatically disables its implementations of overlapping algorithms (e.g., ML-KEM, ML-DSA, SLH-DSA) to prevent provider conflicts during initialisation. For more information, see the relevant OQS-Provider documentation below.
Additional Information
For further details on algorithm support, compatibility, HQC implementation issues, or enabling algorithms disabled by default, see:
Supported KEM Algorithms
| Algorithm Name | Hybrid Algorithm (*) | TLS Handshake Test Support (*) | OpenSSL Speed Test Support (*) | Requires Enabling (*) |
|---|---|---|---|---|
| frodo640aes | * | * | ||
| frodo640shake | * | * | ||
| frodo976aes | * | * | ||
| frodo976shake | * | * | ||
| frodo1344aes | * | * | ||
| frodo1344shake | * | * | ||
| p256_frodo640aes | * | * | * | |
| x25519_frodo640aes | * | * | * | |
| p256_frodo640shake | * | * | * | |
| x25519_frodo640shake | * | * | * | |
| p384_frodo976aes | * | * | * | |
| x448_frodo976aes | * | * | * | |
| p384_frodo976shake | * | * | * | |
| x448_frodo976shake | * | * | * | |
| p521_frodo1344aes | * | * | * | |
| p521_frodo1344shake | * | * | * | |
| bikel1 | * | * | ||
| bikel3 | * | * | ||
| bikel5 | * | * | ||
| p256_bikel1 | * | * | * | |
| x25519_bikel1 | * | * | * | |
| p384_bikel3 | * | * | * | |
| x448_bikel3 | * | * | * | |
| p521_bikel5 | * | * | * | |
| p256_mlkem512 | * | * | * | |
| x25519_mlkem512 | * | * | * | |
| p384_mlkem768 | * | * | * | |
| x448_mlkem768 | * | * | * | |
| p521_mlkem1024 | * | * | * | |
| hqc128 | * | * | * | |
| hqc192 | * | * | * | |
| hqc256 | * | * | * |
Supported Digital Signature Algorithms
| Algorithm Name | Hybrid Algorithm (*) | TLS Handshake Test Support (*) | OpenSSL Speed Test Support (*) | Requires Enabling (*) |
|---|---|---|---|---|
| falcon512 | * | * | ||
| falconpadded512 | * | * | ||
| falcon1024 | * | * | ||
| falconpadded1024 | * | * | ||
| p256_falcon512 | * | * | * | |
| rsa3072_falcon512 | * | * | * | |
| p256_falconpadded512 | * | * | * | |
| rsa3072_falconpadded512 | * | * | * | |
| p521_falcon1024 | * | * | * | |
| p521_falconpadded1024 | * | * | * | |
| sphincssha2128fsimple | * | * | ||
| sphincssha2128ssimple | * | * | ||
| sphincssha2192fsimple | * | * | ||
| sphincssha2192ssimple | * | * | * | |
| sphincssha2256fsimple | * | * | * | |
| sphincssha2256ssimple | * | * | * | |
| sphincsshake128fsimple | * | * | ||
| sphincsshake128ssimple | * | * | * | |
| sphincsshake192fsimple | * | * | * | |
| sphincsshake192ssimple | * | * | * | |
| sphincsshake256fsimple | * | * | * | |
| sphincsshake256ssimple | * | * | * | |
| p256_sphincssha2128fsimple | * | * | * | |
| rsa3072_sphincssha2128fsimple | * | * | * | |
| p256_sphincssha2128ssimple | * | * | * | |
| rsa3072_sphincssha2128ssimple | * | * | * | |
| p384_sphincssha2192fsimple | * | * | * | |
| p384_sphincssha2192ssimple | * | * | * | |
| p521_sphincssha2256fsimple | * | * | * | * |
| p521_sphincssha2256ssimple | * | * | * | * |
| p256_sphincsshake128fsimple | * | * | * | |
| rsa3072_sphincsshake128fsimple | * | * | * | |
| p256_sphincsshake128ssimple | * | * | * | * |
| rsa3072_sphincsshake128ssimple | * | * | * | * |
| p384_sphincsshake192fsimple | * | * | * | * |
| p384_sphincsshake192ssimple | * | * | * | * |
| p521_sphincsshake256fsimple | * | * | * | * |
| p521_sphincsshake256ssimple | * | * | * | * |
| mayo1 | * | * | ||
| mayo2 | * | * | ||
| mayo3 | * | * | ||
| mayo5 | * | * | ||
| p256_mayo1 | * | * | * | |
| p256_mayo2 | * | * | * | |
| p384_mayo3 | * | * | * | |
| p521_mayo5 | * | * | * | |
| CROSSrsdp128balanced | * | * | ||
| CROSSrsdp128fast | * | * | * | |
| CROSSrsdp128small | * | * | * | |
| CROSSrsdp192balanced | * | * | * | |
| CROSSrsdp192fast | * | * | * | |
| CROSSrsdp192small | * | * | * | |
| CROSSrsdp256small | * | * | * | |
| CROSSrsdpg128balanced | * | * | * | |
| CROSSrsdpg128fast | * | * | * | |
| CROSSrsdpg128small | * | * | * | |
| CROSSrsdpg192balanced | * | * | * | |
| CROSSrsdpg192fast | * | * | * | |
| CROSSrsdpg192small | * | * | * | |
| CROSSrsdpg256balanced | * | * | * | |
| CROSSrsdpg256fast | * | * | * | |
| CROSSrsdpg256small | * | * | ||
| OV_Is | * | * | ||
| OV_Ip | * | * | ||
| OV_III | * | * | ||
| OV_V | * | * | ||
| OV_Is_pkc | * | |||
| OV_Ip_pkc | * | * | ||
| OV_III_pkc | * | * | ||
| OV_V_pkc | * | * | ||
| OV_Is_pkc_skc | * | |||
| OV_Ip_pkc_skc | * | * | ||
| OV_III_pkc_skc | * | * | ||
| OV_V_pkc_skc | * | * | ||
| p256_OV_Is | * | * | * | |
| p256_OV_Ip | * | * | * | |
| p384_OV_III | * | * | * | |
| p521_OV_V | * | * | * | |
| p256_OV_Is_pkc | * | * | ||
| p256_OV_Ip_pkc | * | * | * | |
| p384_OV_III_pkc | * | * | * | |
| p521_OV_V_pkc | * | * | * | |
| p256_OV_Is_pkc_skc | * | * | ||
| p256_OV_Ip_pkc_skc | * | * | * | |
| p384_OV_III_pkc_skc | * | * | * | |
| p521_OV_V_pkc_skc | * | * | * | |
| p256_mldsa44 | * | * | * | * |
| rsa3072_mldsa44 | * | * | * | * |
| p384_mldsa65 | * | * | * | * |
| p521_mldsa87 | * | * | * | * |
| snova2454 | * | * | ||
| snova2454shake | * | * | ||
| snova2454esk | * | * | ||
| snova2454shakeesk | * | * | ||
| snova37172 | * | * | ||
| snova2583 | * | * | ||
| snova56252 | * | * | ||
| snova49113 | * | * | ||
| snova3784 | * | * | ||
| snova2455 | * | * | ||
| snova60104 | * | * | ||
| snova2965 | * | * | ||
| p256_snova2454 | * | * | * | |
| p256_snova2454shake | * | * | * | |
| p256_snova2454esk | * | * | * | |
| p256_snova2454shakeesk | * | * | * | |
| p256_snova37172 | * | * | * | |
| p256_snova2583 | * | * | * | |
| p384_snova56252 | * | * | * | |
| p384_snova49113 | * | * | * | |
| p384_snova3784 | * | * | * | |
| p384_snova2455 | * | * | * | |
| p521_snova60104 | * | * | * | |
| p521_snova2965 | * | * | * |