Post-Quantum Cryptography for Open Source Software from Africa

Post-Quantum Cryptography for Open Source Software from Africa by Loganaden Velvindron, cyberstorm's global team member. During the IETF 122 Hackathon in Bangkok

May 5, 2025 - 14:26
May 5, 2025 - 17:04
 0
Post-Quantum Cryptography for Open Source Software from Africa
Image of a globe with African map and a cybersecurity padlock, representing secure Open Source Software from Africa.

During the IETF 122 Hackathon in Bangkok and online last month, the cyberstorm team from Mauritius, the United States, and Kenya participated remotely to implement post-quantum cryptography components currently missing from widely-used open source software such as nmap, zmap, wireshark, and GnuTLS.

The ability to use post-quantum cryptography is an important part of ensuring continued security and privacy for people using the Internet as quantum computing—which may make it easier to circumvent many existing cryptographic methods—continues to develop and improve.  

Goal

Our goal during the IETF Hackathon was to make sure that popular open source software such as nmap, wireshark, and GnuTLS supported the latest version of Post Quantum Cryptography. We needed to make sure that those widely used tools such as nmap and zmap supported it correctly. Then, we were able to use them to implement large changes such as SecP384r1MLKEM1024 in GnuTLS—which is a secure communications library implementing the IETF-developed SSL, TLS and DTLS protocols and technologies around them, debug on the wire, and correct mistakes.

Our work built on Internet-Drafts such as ML-KEM Post-Quantum Key Agreement for TLS 1.3 and 

Post-quantum hybrid ECDHE-MLKEM Key Agreement for TLSv1.3. Both of these documents are being considered in the   IETF’s Transport Layer Security (TLS) Working Group.

Results

This work resulted in contributions (PRs) to Open Source software projects, several of which have already been incorporated. These include:

Lessons learned

Implementing SECP384r1MLKEM1024 in GnuTLS turned out to be a challenge due to GnuTLS internals, which are quite complex. It led to many interoperability failures and this required us to go through several iterations of the code to pass Continuous Integration (CI). We wish to thank the IBM/Redhat developers for taking the time to work with us and reviewing our code to make sure that it meets their high standards. We also wish to thank the Cloudflare engineers who also helped us by reviewing our code in other open source projects.

Next steps

We are working to raise awareness of the need for post quantum cryptography in African countries such as Mauritius and continue our work on implementing new post quantum cryptographic IETF standards in open source software ecosystems. African countries are often lagging behind by several years. We wish to change this by educating and promoting new IETF and W3C standards across Africa. We are the voice that represents close to 1.5 billion people from our continent. We are able to do this by standing on the shoulders of giants and we wish to thank everybody who helped us.

See also the Cyberstorm website.

What's Your Reaction?

Like Like 0
Dislike Dislike 0
Love Love 0
Funny Funny 0
Angry Angry 0
Sad Sad 0
Wow Wow 0
Techatty We are thrilled to announce that Techatty is now part of DFECHO. We will continue keeping you informed on reliable and meaningful tech updates, great opportunities, and resources to achieve greater success. We extend our heartfelt gratitude to our global community. Your steadfast support and active engagement over the years have been the cornerstone of Techatty’s success. THANK YOU!