Skip to content

Commit

Permalink
Post-Quantum Cryptography in OpenPGP
Browse files Browse the repository at this point in the history
  • Loading branch information
@songdongsheng
songdongsheng committed Jul 13, 2024
1 parent 3c4bf70 commit 1e21273
Show file tree
Hide file tree
Showing 2 changed files with 211 additions and 6 deletions.
11 changes: 5 additions & 6 deletions source/_posts/2020/Q1/2020-02-16-linux-distribution-kernel-glibc-version.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -51,15 +51,14 @@ Amazon Linux 2023 | 2023-03 | 2.34 | 11.4 | 6.
CBL-Mariner 2.0 | 2022-05 | 2.35 | 11.2 | 5.15
Ubuntu 22.04 | 2022-04 | 2.35 | 12.1 | 5.15
Debian 12 | 2023-06 | [2.36](https://tracker.debian.org/pkg/glibc) | [12.2](https://packages.debian.org/bookworm/libgcc-s1) | [6.1](https://tracker.debian.org/pkg/linux)
Fedora 37 | 2022-11 | 2.36 | 12.3 | 6.5
Fedora 38 | 2023-04 | 2.37 | 13.2 | 6.8
Fedora 39 | 2023-11 | 2.38 | 13.2 | 6.8
openEuler 24.04 | 2024-06 | 2.38 | 12.3 | 6.6
SLE 15 SP6 | 2024-06 | 2.38 | 13.3 | 6.4
**Ubuntu 24.04** | 2024-04 | **2.39** | 14.0 | 6.8
Fedora 40 | 2024-04 | 2.39 | 14.0 | 6.8
Debian 13 | ***2025-06*** | [2.41 ?](https://tracker.debian.org/pkg/glibc) | [15.2 ?](https://packages.debian.org/trixie/libgcc-s1) | [6.12 ?](https://tracker.debian.org/pkg/linux)
Fedora 40 | 2024-04 | 2.39 | 14.1 | 6.9
Debian 13 | ***2025-06*** | [2.40 ?](https://tracker.debian.org/pkg/glibc) | [14.2 ?](https://packages.debian.org/trixie/libgcc-s1) | [6.12 ?](https://tracker.debian.org/pkg/linux)
RHEL 10 | ***2025-08*** | [2.40 ?](https://composes.stream.centos.org/stream-10/production/latest-CentOS-Stream/compose/BaseOS/x86_64/os/Packages/) | [14.2 ?](https://composes.stream.centos.org/stream-10/production/latest-CentOS-Stream/compose/BaseOS/x86_64/os/Packages/) | [6.12 ?](https://composes.stream.centos.org/stream-10/production/latest-CentOS-Stream/compose/BaseOS/x86_64/os/Packages/)
[SUSE Adaptable Linux Platform (ALP)](https://download.opensuse.org/repositories/SUSE:/ALP/) | ***2025-??*** | 2.39 ? | 14.0 ? | 6.8 ?
[**openSUSE Tumbleweed**](https://download.opensuse.org/tumbleweed/repo/oss/x86_64/) | ***Rolling*** | 2.39 ? | 14.0 ? | 6.8 ?
[**openSUSE Tumbleweed**](https://download.opensuse.org/tumbleweed/repo/oss/x86_64/) | ***Rolling*** | 2.39 ? | 14.1 ? | 6.9 ?
Alpine 3.18 | [2023-05](https://alpinelinux.org/releases/) | musl [1.2.4](https://gitlab.alpinelinux.org/alpine/aports/-/blob/3.18-stable/main/musl/APKBUILD) | [libgcc 12.2](https://gitlab.alpinelinux.org/alpine/aports/-/blob/3.18-stable/main/gcc/APKBUILD) | [6.1](https://gitlab.alpinelinux.org/alpine/aports/-/blob/3.18-stable/main/linux-lts/APKBUILD)
Alpine 3.19 | [2023-12](https://alpinelinux.org/releases/) | musl [1.2.4](https://gitlab.alpinelinux.org/alpine/aports/-/blob/3.19-stable/main/musl/APKBUILD) | [libgcc 13.2](https://gitlab.alpinelinux.org/alpine/aports/-/blob/3.19-stable/main/gcc/APKBUILD) | [6.6](https://gitlab.alpinelinux.org/alpine/aports/-/blob/3.19-stable/main/linux-lts/APKBUILD)
Alpine 3.20 | [2024-05](https://alpinelinux.org/releases/) | musl [1.2.5](https://gitlab.alpinelinux.org/alpine/aports/-/blob/3.20-stable/main/musl/APKBUILD) | [libgcc 13.2](https://gitlab.alpinelinux.org/alpine/aports/-/blob/3.20-stable/main/gcc/APKBUILD) | [6.6](https://gitlab.alpinelinux.org/alpine/aports/-/blob/3.20-stable/main/linux-lts/APKBUILD)
Expand Down
206 changes: 206 additions & 0 deletions source/_posts/2024/Q3/2024-07-13-post-quantum-cryptography-in-openpgp.md
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,206 @@
---
title: 'Post-Quantum Cryptography in OpenPGP'
excerpt: 'Post-Quantum Cryptography in OpenPGP'
date: 2024-07-13 14:53:36
tags:
- Linux
- Windows
- Security
categories: [Utility, Security]
---

# Post-Quantum Cryptography in OpenPGP

The newly released GnuPG 2.5.0 begins to experimentally support the post-quantum public key algorithm extension of the OpenPGP protocol. The post-quantum public key algorithm extension of the OpenPGP protocol provides the basis for long-term secure OpenPGP signatures and ciphertexts. It defines composite public key encryption based on `ML-KEM` and composite public key signatures based on `ML-DSA` (both of which are used in conjunction with elliptic curve cryptography), as well as `SLH-DSA` as an independent public key signature scheme. GnuPG currently only supports composite public key encryption based on `ML-KEM`, and support for digital signatures is under development.

GnuPG 2.5.0 supports PGC encryption algorithms `ky768_cv25519` and `ky1024_cv448` based on `X25519` and `X448`, and PQC encryption algorithms `ky768_bp256`, `ky1024_bp384` and `ky1024_bp512` based on `brainpoolP256r1`, `brainpoolP384r1` and `brainpoolP512r1`. Since `Brainpool` is not efficient, widely used, and has no security advantages, this article only tests PGC encryption algorithms `ky768_cv25519` and `ky1024_cv448` based on `X25519` and `X448`.

## What You Need

- GnuPG 2.5.0 of later

## ML-KEM-768 + X25519

### Generate Key

```bash
gpg --quick-gen-key --batch --passphrase='' "X25519 User <[email protected]>" Ed25519 cert 1y

gpg --quick-add-key --batch --passphrase='' --pinentry-mode loopback DDE2BD47E5196CED794FDF17D9FFA236037FC097 ed25519 sign,auth 1y
gpg --quick-add-key --batch --passphrase='' --pinentry-mode loopback DDE2BD47E5196CED794FDF17D9FFA236037FC097 cv25519 encrypt 1y

# ML-KEM-768 + X25519
gpg --quick-add-key --batch --passphrase='' --pinentry-mode loopback DDE2BD47E5196CED794FDF17D9FFA236037FC097 ky768_cv25519 encrypt 1y
```

### List Key

```bash
$ gpg -K DDE2BD47E5196CED794FDF17D9FFA236037FC097
sec ed25519/D9FFA236037FC097 2024-07-13 [C] [expires: 2024-07-13]
Key fingerprint = DDE2 BD47 E519 6CED 794F DF17 D9FF A236 037F C097
uid [ultimate] X25519 User <[email protected]>
ssb ed25519/A2E4D93F5E67CDE2 2024-07-13 [SA] [expires: 2024-07-13]
Key fingerprint = 7660 3CDA E782 AEE7 C42A EF74 A2E4 D93F 5E67 CDE2
ssb cv25519/1D07C17D30191210 2024-07-13 [E] [expires: 2024-07-13]
Key fingerprint = F3AE 317F F319 12E7 E84B 9AC9 1D07 C17D 3019 1210
ssb ky768_cv25519/5C8EC98545A74E6C 2024-07-13 [E] [expires: 2024-07-13]
Key fingerprint = 5C8EC 98545 A74E6 C442A 76F3F 553F9 D39F0 FDF9A 2B7CD 8CA05
```

### Specify PGC key for encryption

```bash
$ echo "Hello, PGC!" > secret.txt
$ gpg --encrypt --yes -r 5C8EC98545A74E6C! secret.txt
$ gpg --decrypt --passphrase='' --pinentry-mode loopback secret.txt.gpg
gpg: encrypted with ky768_cv25519 key, ID 5C8EC98545A74E6C, created 2024-07-13
"X25519 User <[email protected]>"
Hello, PGC!
$ stat --printf="%s\t%n\n" secret.txt*
12 secret.txt
1274 secret.txt.gpg
```

### Specify X25519 key for encryption

```bash
$ echo "Hello, PGC!" > secret.txt
$ gpg --encrypt --yes -r 1D07C17D30191210! secret.txt
$ gpg --decrypt --passphrase='' --pinentry-mode loopback secret.txt.gpg
gpg: encrypted with cv25519 key, ID 1D07C17D30191210, created 2024-07-13
"X25519 User <[email protected]>"
Hello, PGC!
$ stat --printf="%s\t%n\n" secret.txt*
12 secret.txt
189 secret.txt.gpg
```

### Automatically select encryption key

```bash
$ echo "Hello, PGC!" > secret.txt
$ gpg --encrypt --yes -r D9FFA236037FC097 secret.txt
$ gpg --decrypt --passphrase='' --pinentry-mode loopback secret.txt.gpg
gpg: encrypted with ky768_cv25519 key, ID 5C8EC98545A74E6C, created 2024-07-13
"X25519 User <[email protected]>"
Hello, PGC!
$ stat --printf="%s\t%n\n" secret.txt*
12 secret.txt
1274 secret.txt.gpg
```

### Delete Key

```bash
gpg --delete-key --batch --yes DDE2BD47E5196CED794FDF17D9FFA236037FC097
```

## ML-KEM-1024 + X448

### Generate Key

```bash
gpg --quick-gen-key --batch --passphrase='' "X448 User <[email protected]>" Ed448 cert 1y

gpg --quick-add-key --batch --passphrase='' --pinentry-mode loopback 194E2C38F0C4354C4172DC586E3455C57BA2F61AB06EFC243A5D386ED86242B7 ed448 sign,auth 1y
gpg --quick-add-key --batch --passphrase='' --pinentry-mode loopback 194E2C38F0C4354C4172DC586E3455C57BA2F61AB06EFC243A5D386ED86242B7 cv448 encrypt 1y

# ML-KEM-1024 + X448
gpg --quick-add-key --batch --passphrase='' --pinentry-mode loopback 194E2C38F0C4354C4172DC586E3455C57BA2F61AB06EFC243A5D386ED86242B7 ky1024_cv448 encrypt 1y
```

### List Key

```bash
$ gpg -K 194E2C38F0C4354C4172DC586E3455C57BA2F61AB06EFC243A5D386ED86242B7
sec ed448/194E2C38F0C4354C 2024-07-13 [C] [expires: 2024-07-13]
Key fingerprint = 194E2 C38F0 C4354 C4172 DC586 E3455 C57BA 2F61A B06EF C243A
uid [ultimate] X448 User <[email protected]>
ssb ed448/96EA0B90619ACFCD 2024-07-13 [SA] [expires: 2024-07-13]
Key fingerprint = 96EA0 B9061 9ACFC D5709 BC773 F6300 D1B38 457BC 19792 C4763
ssb cv448/36FC63E177ECC404 2024-07-13 [E] [expires: 2024-07-13]
Key fingerprint = 36FC6 3E177 ECC40 4030B C0004 D91F7 4E1F7 E5590 CEC6A A096F
ssb ky1024_cv448/373E994D9B9AC9AE 2024-07-13 [E] [expires: 2024-07-13]
Key fingerprint = 373E9 94D9B 9AC9A EC476 3FA66 89794 AA808 894BE 4FDF4 020EE
```

### Specify PGC key for encryption

```bash
$ echo "Hello, PGC!" > secret.txt
$ gpg --encrypt --yes -r 373E994D9B9AC9AE! secret.txt
$ gpg --decrypt --passphrase='' --pinentry-mode loopback secret.txt.gpg
gpg: encrypted with ky1024_cv448 key, ID 373E994D9B9AC9AE, created 2024-07-13
"X448 User <[email protected]>"
Hello, PGC!
$ stat --printf="%s\t%n\n" secret.txt*
12 secret.txt
1778 secret.txt.gpg
```

### Specify X448 key for encryption

```bash
$ echo "Hello, PGC!" > secret.txt
$ gpg --encrypt --yes -r 36FC63E177ECC404! secret.txt
$ gpg --decrypt --passphrase='' --pinentry-mode loopback secret.txt.gpg
gpg: encrypted with cv448 key, ID 36FC63E177ECC404, created 2024-07-13
"X448 User <[email protected]>"
Hello, PGC!
$ stat --printf="%s\t%n\n" secret.txt*
12 secret.txt
212 secret.txt.gpg
```

### Automatically select encryption key

```bash
$ echo "Hello, PGC!" > secret.txt
$ gpg --encrypt --yes -r 194E2C38F0C4354C secret.txt
$ gpg --decrypt --passphrase='' --pinentry-mode loopback secret.txt.gpg
gpg: encrypted with ky1024_cv448 key, ID 373E994D9B9AC9AE, created 2024-07-13
"X448 User <[email protected]>"
Hello, PGC!
$ stat --printf="%s\t%n\n" secret.txt*
12 secret.txt
1778 secret.txt.gpg
```

### Delete Key

```bash
gpg --delete-key --batch --yes 194E2C38F0C4354C4172DC586E3455C57BA2F61AB06EFC243A5D386ED86242B7
```

## ML-DSA-65 + Ed25519

```bash
# Not working yet
gpg --quick-add-key --batch --passphrase='' --pinentry-mode loopback DDE2BD47E5196CED794FDF17D9FFA236037FC097 dil3_ed25519 sign 1y
```

## ML-DSA-87 + Ed448

```bash
# Not working yet
gpg --quick-add-key --batch --passphrase='' --pinentry-mode loopback 194E2C38F0C4354C4172DC586E3455C57BA2F61AB06EFC243A5D386ED86242B7 dil5_ed448 sign 1y
```

## Wrapping Up

OpenPGP currently does not fully support the PGC algorithm. It only supports encryption algorithms and lacks digital signature algorithms. It only supports generating PGC keys in the `quick-gen-key` and `quick-add-key` interfaces, but does not support generating PGC keys in the interactive interface.

The current state of OpenPGP's PGC implementation is quite exciting, considering that the algorithm is still in the draft stage. Let's look forward to the PGC algorithm being fully supported in OpenPGP, making our future more secure.

## Reference

- https://github.com/gpg/gnupg/blob/master/tests/openpgp/samplekeys/README
- https://github.com/gpg/gnupg/blob/master/common/openpgpdefs.h
- https://www.ietf.org/archive/id/draft-wussler-openpgp-pqc-04.html
- https://csrc.nist.gov/pubs/fips/203/ipd
- https://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.203.ipd.pdf
- https://github.com/nccgroup/fips203
- https://dev.gnupg.org/T6815
- https://dev.gnupg.org/T7189
- https://lists.gnupg.org/pipermail/gnupg-announce/2024q3/000484.html

0 comments on commit 1e21273

Please sign in to comment.