liboqs 缓冲区错误漏洞

Liboqs is an open-source project under Open Quantum Safe, which is an open-source C library for quantum secure encryption algorithms. Versions of Liboqs prior to 0.16.0 contained a buffer error vulnerability. This vulnerability stems from the XMSS and XMSS^MT state signature verification code. Wh...

Security Bulletin: IBM Quantum Safe Remediator is affected by mutiple vulnerabilities

Summary The vulnerabilities are found in the dependent open source libraries used in IBM Quantum Safe Remediator code base. IBM Quantum Safe Remediator has addressed these vulnerabilities by updating the versions of the affected libraries. Vulnerability Details CVEID:CVE-2026-2950 DESCRIPTION:...

Efficient and Quantum-Safe Internet Key Exchange Protocols for Satellite Communications

This paper studies cryptographic key exchange in satellite communications, which requires specific solutions because the satellite context presents unique challenges, particularly concerning onboard resource constraints and long transmission latency. We address these challenges by considering the...

Security Bulletin: IBM Quantum Safe Explorer is affected by multiple vulnerabilites

Summary The vulnerabilities were found in dependent open source libraries used within IBM Quantum Safe Explorer code base. These issues have been addressed by updating the versions of affected libraries. Vulnerability Details CVEID:CVE-2026-42033 DESCRIPTION: Axios is a promise based HTTP client...

Security Bulletin: IBM Quantum Safe Explorer is affected by multiple vulnerabilities

Summary The vulnerabilities are found in the dependent open source libraries used in IBM Quantum Safe Explorer code base. IBM Quantum Safe Explorer has addressed these vulnerabilities by updating the versions of the affected libraries. Vulnerability Details CVEID:CVE-2025-67030 DESCRIPTION:...

Building your cryptographic inventory: A customer strategy for cryptographic posture management

Post-quantum cryptography PQC is coming—and for most organizations, the hardest part won’t be choosing new algorithms. It will be finding where cryptography is used today across applications, infrastructure, devices, and services so teams can plan, prioritize, and modernize with confidence. At...

Quantum-Safe IPsec in the Banking Industry

The emergence of Cryptographically Relevant Quantum Computers CRQCs presents a critical threat to classical cryptographic systems, particularly widely adopted protocols such as RSA, Diffie-Hellman DH, and Elliptic Curve Cryptography ECC. Given their extensive use in the financial sector, the adve...

Quantum-Safe Code Auditing: LLM-Assisted Static Analysis and Quantum-Aware Risk Scoring for Post-Quantum Cryptography Migration

The impending arrival of cryptographically relevant quantum computers CRQCs threatens the security foundations of modern software: Shor's algorithm breaks RSA, ECDSA, ECDH, and Diffie-Hellman, while Grover's algorithm reduces the effective security of symmetric and hash-based schemes. Despite NIS...

Post-Quantum Cryptography Beyond TLS: Remain Quantum Safe

...

On Implementing Hybrid Post-Quantum End-To-End Encryption

The emergence of quantum computing poses a fundamental threat to current public key cryptographic systems. This threat is necessitating a transition to quantum resistant cryptographic alternatives in all the applications. In this work, we present the implementation of a practical hybrid end-to-en...

Signal’s Post-Quantum Cryptographic Implementation

Signal has just rolled out its quantum-safe cryptographic implementation. Ars Technica has a really good article with details: Ultimately, the architects settled on a creative solution. Rather than bolt KEM onto the existing double ratchet, they allowed it to remain more or less the same as it ha...

EUVD-2024-29389

Malicious code in bioql PyPI...

Linux Distros Unpatched Vulnerability : CVE-2024-31510

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue in Open Quantum Safe liboqs v.10.0 allows a remote attacker to escalate privileges via the cryptosignsignature parameter in the...

Are Enterprises Ready for Quantum-Safe Cybersecurity?

Quantum computing threatens to undermine classical cryptography by breaking widely deployed encryption and signature schemes. This paper examines enterprise readiness for quantum-safe cybersecurity through three perspectives: i the technologist view, assessing the maturity of post-quantum...

Quantum-safe security: Progress towards next-generation cryptography

Quantum computing promises transformative advancements, yet it also poses a very real risk to today’s cryptographic security. In the future scalable quantum computing could break public-key cryptography methods currently in use and undermine digital signatures, resulting in compromised...

liboqs 信息泄露漏洞

liboqs is an Open Quantum Safe open source C library for quantum-safe cryptographic algorithms. An information disclosure vulnerability exists in liboqs versions prior to 0.14.0, which stems from a secret dependency branch in the HQC key wrapping mechanism...

Quantum-Resistant Domain Name System: a Comprehensive System-Level Study

The Domain Name System DNS plays a foundational role in Internet infrastructure, yet its core protocols remain vulnerable to compromise by quantum adversaries. As cryptographically relevant quantum computers become a realistic threat, ensuring DNS confidentiality, authenticity, and integrity in t...

Building a Quantum-Safe Internet: The IETF's Plan for TLS

Learn about the latest initiatives in post-quantum cryptography, including the IETF’s plan for securing TLS...

liboqs 加密问题漏洞

liboqs is an Open Quantum Safe open source C library for quantum-safe cryptographic algorithms. A cryptographic issue vulnerability exists in versions of liboqs prior to 0.13.0, which stems from a design flaw in the HQC algorithm that could result in a large number of malformed ciphertexts sharin...

Versatile Quantum-Safe Hybrid Key Exchange and Its Application to MACsec

Advancements in quantum computing pose a significant threat to most of the cryptography currently deployed. Fortunately, cryptographic building blocks to mitigate the threat are already available; mostly based on post-quantum and quantum cryptography, but also on symmetric cryptography techniques...