Security warnings

Most of the primitives (mathematical functions) in libpqcrypto are new. For quantitative and qualitative security analysis, see the individual submission packages, and watch NIST's pqc-forum for updates.

There could be security problems in libpqcrypto even if all the proposed primitives achieve their security goals. Most of the software in libpqcrypto is new and has not been audited. In particular:

New projects in high-assurance cryptographic software are working towards engineering a new generation of software with formally verified guarantees of constant-time behavior and full functional correctness. Future updates to libpqcrypto will take advantage of this.

Version: This is version 2018.03.14 of the "Warnings" web page.