2025-10-07 –, Belvedere II/ Community, Contribution & the Future
This talk revisits the trials and tribulations of writing an OpenSSL provider for a large family of PQC algorithms. In 2021, initially only PQC KEM algorithms were made available by the author but over time signature, hybrid and composite PQC support got added, too. This work could only succeed with the active support by the core OpenSSL team which this talk will provide examples for. In turn, the author also began to contribute back to OpenSSL core some functions enhancing the OpenSSL provider concept, documenting the benefits of a truly open source cooperation.
This talk provides a quick overview of the OpenSSL provider concept as needed to explain the work implementing oqsprovider. It will show the initial implementation approach, the improved design done in cooperation with the OpenSSL team as well as the various further functional enhancements done collaboratively over the course of the last 4 years. The talk will end with suggestions for further work to the OpenSSL provider concept based on the experiences made by the author.
See https://baentsch.ch . Key dates (polish/expanded on demand):
MSc CS 1994 U Kaiserslautern, Germany and researcher there until
PhD CS 1997 U Kaiserslautern, Germany, then staff and product manager, at IBM Research Zurich incl. another education as
MBA 2003 U Strathclyde, UK
Since 2021 independent security software freelancer in the FOSS space.