Post-Quantum Hybrid Cryptography in Bouncy Castle
Although the NIST Post-Quantum Competition Round 3 finalists have been announced, final standards will not be released until two years from now. To prepare for the future, hybrid approaches allow combining the current finalist algorithms with regular public key algorithms for use in key encapsulation mechanisms and key agreement algorithms. With these techniques, you can introduce a level of post-quantum hardening and gain experience with post-quantum algorithms.
The exercises in the following sections complement the workshop Post-quantum hybrid cryptography in Bouncy Castle which explores several standardized mechanisms for hybrid techniques and how they can be applied to the Bouncy Castle Java APIs.
Audience and Prerequisites
To get the most out of the Post-quantum hybrid cryptography in Bouncy Castle workshop, you need to be competent in the Java language. Knowledge of Java Cryptography Architecture is helpful but not required.
We recommend having a laptop with a minimum of Java 8, an IDE for coding, and a copy of the Bouncy Castle Libraries version BC 1.71 or later.
For the latest Bouncy Castle Java releases, refer to the Bouncy Castle latest Java releases and for Java FIPS resources such as the PQC add-on, refer to the Bouncy Castle Java FIPS Resources.
- SP 800-56C: Recommendation for Key-Derivation Methods in Key-Establishment Schemes
- SP 800-133B: Recommendation for Cryptographic Key Generation
- Legion of the Bouncy Castle Inc. PQC-Addon User Guide
- NIST Post-Quantum Cryptography project
For Post-Quantum algorithm support and NIST PQC Competition algorithms in Bouncy Castle, see Interoperability.