Nicola Tuveri
A Doctoral Researcher at Tampere University (Finland), I contributed to OpenSSL for the first time in 2010, later I had the honor of becoming an OpenSSL Committer and I have been serving in the OpenSSL Technical Committee since 2019. Since the last election, I also serve as representative for Academics in the Business Advisory Committee at the OpenSSL Foundation, and in the newly formed Technical Advisory Committees at OpenSSL Foundation and Corporation.
My research specializes in software and micro architecture side-channel analysis and the integration of modern cryptosystems (lately mainly PQC) in mainstream libraries such as OpenSSL.
I am leading the efforts of Tampere University within the QUBIP Horizon Europe project to integrate PQC into OpenSSL, NSS, and Firefox using loadable modules.
Session
The post-quantum cryptography (PQC) transition is more than a drop-in key exchange replacement—it’s a deep transformation in how cryptographic software is designed, built, and integrated. OpenSSL 3.0 introduced the concept of Providers, a flexible plugin architecture that enables new cryptographic algorithms to be implemented outside of the core library. This opens the door for innovation, modularity—and Rust.
In this session, we introduce Aurora, a third-party OpenSSL provider implemented in Rust as part of the EU-funded QUBIP project. Aurora enables transparent PQC adoption for OpenSSL-based applications, including hybrid certificate validation, algorithm agility, and integration with Rust’s cryptographic ecosystem.
We’ll walk through the motivation behind building a provider in Rust, the challenges we faced (e.g., FFI safety, Provider interface complexity), and how Aurora leverages Rust’s guarantees to offer a robust foundation for cryptographic experimentation and deployment.
The session includes a live demo showing how Aurora can inject PQC algorithms into existing OpenSSL workflows without modifying the application code. We’ll also explore tooling such as openssl-provider-forge, our Rust crate that simplifies authoring and testing custom providers.
Whether you’re maintaining a TLS stack, building HSM software, or researching cryptographic agility, this talk will provide hands-on insight into the real-world journey of enabling PQC inside OpenSSL using modern language tools.