Implementation

One barrier to adoption and migration to PQC is quality implementations that engineers and security professionals can rely on for critical business needs. Without production quality implementations of PQC algorithms, PQC will be difficult to adopt by the larger engineering and business community. This effort aims to alleviate any fears associated with the readiness of post-quantum cryptographic implementations in real-world systems.

Goals

This workstream will focus on three categories of “Implementations” work (all open-source):

  1. Work to advance production-quality implementations of post-quantum algorithms
  2. Improve or contribute to side-channel-resistant implementations [Potentially, this should be forked into its own workstream; e.g. determine what level of side-channel-resistance is worth doing, how to align with Common Criteria, whether to set up some ‘open competition for grad students/academia,’ etc.]
  3. Accelerate the creation and maintenance of formally verified implementations

Impact

Having production-quality implementations, high assurance implementations, and implementations that are resistant to novel side channel attacks could help minimize perceived risks associate with a PQC and accelerate adoption and migration.