Private bug reported:
Post-Quantum Cryptography (PQC) refers to cryptographic algorithms
designed to be secure against attacks from quantum computers, which can
potentially break widely used classical algorithms such as RSA and ECC.
With the advancement of quantum computing, there is an increasing need
to transition to quantum-resistant cryptographic mechanisms.
On AMD Venice platforms, PQC enablement involves supporting next-generation cryptographic algorithms (e.g., lattice-based, hash-based, and code-based schemes) across the system stack, including firmware, OS, and applications. This includes integration with cryptographic libraries, hardware acceleration (if available), and secure key management frameworks
.
PQC is particularly important for long-lived data protection, secure communications, firmware signing, and confidential computing environments. It ensures that systems deployed today remain secure against future quantum threats ("harvest now, decrypt later" attacks).
In the Linux kernel, PQC support is emerging through integration with
user-space cryptographic libraries (e.g., OpenSSL with PQC extensions),
kernel crypto APIs, and security frameworks. Platform-level enablement
on AMD Venice requires validation, performance optimization, and
potential hardware acceleration support.
Feature Request:
Requested details to be enabled on OS:
Enable PQC algorithm support in system cryptographic libraries (e.g., OpenSSL, liboqs).
Integrate PQC with kernel crypto APIs where applicable.
Support PQC-based TLS/SSH and secure communication protocols.
Enable PQC for firmware signing and secure boot/update workflows.
Evaluate and enable hardware acceleration (if supported by platform).
Provide hybrid cryptography support (classical + PQC) for transition phases.
Integrate PQC with key management and attestation frameworks.
Support PQC in confidential computing environments.
Provide benchmarking and performance optimization for PQC workloads.
Ensure compatibility with existing applications and protocols.
Provide tools and libraries for PQC testing and validation.
Document PQC enablement strategy, usage, and limitations on AMD Venice.
Business Justification:
Future-proofs platform security against quantum computing threats.
Protects long-lived sensitive data from future decryption risks.
Aligns with industry and regulatory movement toward PQC adoption.
Enhances trust in platform security for enterprise and cloud customers.
Enables early adoption and competitive advantage in secure computing.
Supports compliance with emerging cryptographic standards.
References:
NIST Post-Quantum Cryptography Standardization Project
Open Quantum Safe (liboqs) Project
OpenSSL PQC Integration Documentation
Industry Whitepapers on Quantum-Resistant Cryptography
** Affects: linux (Ubuntu)
Importance: Undecided
Status: New
** Information type changed from Public to Private
--
You received this bug notification because you are subscribed to linux
in Ubuntu.
Matching subscriptions: Bgg, Bmail, Nb
https://bugs.launchpad.net/bugs/2146723
Title:
Request for Security Support – Post-Quantum Cryptography (PQC)
Enablement on AMD Venice in Ubuntu 26.04
Status in linux package in Ubuntu:
New
Bug description:
Post-Quantum Cryptography (PQC) refers to cryptographic algorithms
designed to be secure against attacks from quantum computers, which
can potentially break widely used classical algorithms such as RSA and
ECC. With the advancement of quantum computing, there is an increasing
need to transition to quantum-resistant cryptographic mechanisms.
On AMD Venice platforms, PQC enablement involves supporting next-generation cryptographic algorithms (e.g., lattice-based, hash-based, and code-based schemes) across the system stack, including firmware, OS, and applications. This includes integration with cryptographic libraries, hardware acceleration (if available), and secure key management frameworks
.
PQC is particularly important for long-lived data protection, secure communications, firmware signing, and confidential computing environments. It ensures that systems deployed today remain secure against future quantum threats ("harvest now, decrypt later" attacks).
In the Linux kernel, PQC support is emerging through integration with
user-space cryptographic libraries (e.g., OpenSSL with PQC
extensions), kernel crypto APIs, and security frameworks. Platform-
level enablement on AMD Venice requires validation, performance
optimization, and potential hardware acceleration support.
Feature Request:
Requested details to be enabled on OS:
Enable PQC algorithm support in system cryptographic libraries (e.g., OpenSSL, liboqs).
Integrate PQC with kernel crypto APIs where applicable.
Support PQC-based TLS/SSH and secure communication protocols.
Enable PQC for firmware signing and secure boot/update workflows.
Evaluate and enable hardware acceleration (if supported by platform).
Provide hybrid cryptography support (classical + PQC) for transition phases.
Integrate PQC with key management and attestation frameworks.
Support PQC in confidential computing environments.
Provide benchmarking and performance optimization for PQC workloads.
Ensure compatibility with existing applications and protocols.
Provide tools and libraries for PQC testing and validation.
Document PQC enablement strategy, usage, and limitations on AMD Venice.
Business Justification:
Future-proofs platform security against quantum computing threats.
Protects long-lived sensitive data from future decryption risks.
Aligns with industry and regulatory movement toward PQC adoption.
Enhances trust in platform security for enterprise and cloud customers.
Enables early adoption and competitive advantage in secure computing.
Supports compliance with emerging cryptographic standards.
References:
NIST Post-Quantum Cryptography Standardization Project
Open Quantum Safe (liboqs) Project
OpenSSL PQC Integration Documentation
Industry Whitepapers on Quantum-Resistant Cryptography
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/2146723/+subscriptions
Комментариев нет:
Отправить комментарий