aurora

Report a Bug · Request a Feature · Ask a Question

[!CAUTION]

Development in Progress

This project is currently in development and not yet ready for production use.

Expect changes to occur from time to time, and at this stage, some features may be unavailable.

About

aurora provides a framework to build OpenSSL Providers tailored for the transition to post-quantum cryptography.

aurora showcases an approach we call "shallow loadable modules", to enhance cryptographic agility in order to adapt to the rapidly evolving ecosystem of PQC algorithms and implementations:

• shallow: refers to the fact that we do not embed the cryptographic implementation within the Provider itself, but rather we depend on external implementations and provide decoupling between the OpenSSL library and your selection of external implementations;
• loadable modules: highlights that our design aims to produce modules that can be loaded at runtime into OpenSSL, to provide the desired functionality as needed, and seamlessly for OpenSSL and applications running on top of it.

[!NOTE] Note on naming

The name of the project is Aurora. The name of the repository follows Github conventions, while the corresponding crate name on crates.io was not available. So the former is aurora, while the latter is qubip_aurora.

This crate builds cdylib named aurora. On Linux this usually means that the build output is called libaurora.so.

Supported algorithms

While we do not tightly couple with specific implementation choices, at the moment we support a limited selection of algorithms and external implementations through our Adapters.

The current supported algorithms are summarized in the following tables.

[!NOTE] Future updates to aurora will expand its support for additional PQC algorithms and other external implementations.

Key Encapsulation Methods

Digital Signatures

[!NOTE]

• The ML-DSA-{44,65}_ED25519 algorithms also use ed25519-dalek for the traditional part of the signature.
• Relevant EU transition recommendations mandate hybrids for the PQC transition: in QUBIP we provide pure ML-DSA options for experimentation only. In QUBIP's Internet Browsing Pilot we avoid pure ML-DSA deployments in favor of "Composite ML-DSA" and consistently recommend this approach.
• Transition recommendations that mandate hybrids for the PQC transition usually mark SLH-DSA as explicitly exempt from the PQ/T Hybrid requirement.
• In the general TLS use cases, adopting SLH-DSA for signing the handshake is not recommended. aurora supports the registered IANA TLS SignatureScheme codepoints for experimentation only, and in QUBIP's Internet Browsing Pilot we do not use SLH-DSA for End-Entity certificates. More details about related discussion are available on the IETF mailing list.

Roadmap

See the open issues for a list of proposed features (and known issues).

• Top Feature Requests (Add your votes using the 👍 reaction)
• Top Bugs (Add your votes using the 👍 reaction)
• Newest Bugs

Support

Reach out to the maintainers at one of the following places:

• GitHub issues
• security@romen.dev to disclose security issues according to our security documentation.
• coc@romen.dev to report violations of our Code of Conduct.
• Details about the GPG keys to encrypt reports are included in our security documentation.

Project assistance

If you want to say thank you or/and support active development:

• Add a GitHub Star to the project.
• Mention this project on your social media of choice.
• Write interesting articles about the project, and cite us.

Together, we can make Aurora better!

Contributing

The GitHub repository primarily serves as a mirror, and will be updated every time a new version is released. It might not always be updated with the latest commits in between releases. However, contributions are still very welcome!

Please read our contribution guidelines, and thank you for being involved!

Authors & contributors

The original setup of this repository is by NISEC.

For a full list of all authors and contributors, see the contributors page.

Security

In this project, we aim to follow good security practices, but 100% security cannot be assured. This crate is provided "as is" without any warranty. Use at your own risk.

For more information and to report security issues, please refer to our security documentation.

License

This project is licensed under the Apache License, Version 2.0 (Apache-2.0).

Copyright 2023-2025 Tampere University

Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at

    http://www.apache.org/licenses/LICENSE-2.0

Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.

See LICENSE for more information.

Acknowledgements

This work has been developed as part of the QUBIP project (https://www.qubip.eu), funded by the European Union under the Horizon Europe framework programme grant agreement no. 101119746.