CNSA 2.0 Algorithms: OpenSSL 3.5’s Q-Safe Group Selection

In accordance with the NSA’s CNSA 2.0 recommendations, OpenSSL version 3.5 adds improvements to TLS (Transport Layer Security) 1.3 that give quantum-safe cryptographic algorithms priority.

OpenSSL accomplishes this with novel configuration techniques, without changing the TLS standard.

With this version, OpenSSL is the first significant TLS library to fully implement the CNSA 2.0 preference, and because of its long-term support status, it is expected to be widely adopted.

The NSA's Commercial National Security Algorithm Suite 2.0 (CNSA 2.0) lists authorized quantum-safe algorithms and timelines for their deployment.

According to the CNSA 2.0 mandate, systems must be set up to “prefer CNSA 2.0 algorithms” during the initial transition period and to “accept only CNSA 2.0 algorithms” as products advance.

The “prefer” mandate of CNSA 2.0 gives higher priority to Q-safe algorithms even when that comes at the cost of a round-trip penalty, and OpenSSL achieves this entirely through the new specification syntax.
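The difference between “prefer”, “accept only” and a policy with no Q-safe priority can be seen in a small model of server-side group selection. This is an added example, not OpenSSL code: the tier layout, the `select` function and the sample clients are assumptions made for illustration, and the two group names stand in for a Q-safe and a classical group.

```python
# Simplified model of server-side TLS 1.3 key-exchange group selection.
# Added illustration, not OpenSSL source; the list-of-tiers layout is an assumption.
from typing import List, NamedTuple, Optional


class Selection(NamedTuple):
    group: Optional[str]   # negotiated group, None = handshake fails
    hello_retry: bool      # True = server asks for a new key share (extra round trip)


def select(tiers: List[List[str]], supported: List[str], key_shares: List[str]) -> Selection:
    """Walk priority tiers from highest to lowest; a mutually supported group in a
    higher tier wins even if the client sent no key share for it."""
    for tier in tiers:
        for group in tier:                 # best case: key share already present
            if group in key_shares:
                return Selection(group, False)
        for group in tier:                 # supported but no share: pay the round trip
            if group in supported:
                return Selection(group, True)
    return Selection(None, False)


# Constructed sample policies; the names stand in for a Q-safe and a classical group.
PQ, CLASSIC = "X25519MLKEM768", "X25519"
NO_PRIORITY = [[PQ, CLASSIC]]   # one tier: any available key share is good enough
PREFER = [[PQ], [CLASSIC]]      # "prefer": Q-safe tier first, classical fallback
ACCEPT_ONLY = [[PQ]]            # "accept only": no classical fallback

if __name__ == "__main__":
    # Constructed client: supports both groups, sends a key share only for X25519.
    hybrid_client = dict(supported=[PQ, CLASSIC], key_shares=[CLASSIC])
    # Constructed client with no Q-safe support at all.
    classic_client = dict(supported=[CLASSIC], key_shares=[CLASSIC])
    for name, policy in [("no priority", NO_PRIORITY), ("prefer", PREFER),
                         ("accept only", ACCEPT_ONLY)]:
        print(name, select(policy, **hybrid_client), select(policy, **classic_client))
```

Under the “prefer” policy the client that supports both groups is moved to the Q-safe group at the cost of one retry, while the classical-only client still connects; under “accept only” that second client fails the handshake.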

OpenSSL v3.5’s incorporation of the Q-safe algorithm preference is essential to protecting online communication from the potential threat of quantum computers.

OpenSSL v3.5’s LTS status guarantees its broad use, increasing accessibility to quantum-safe communication on a variety of systems.