Merkle Tree Certificates

If you’re part of the Web PKI community and haven’t heard of Merkle Tree Certificates then you must have been hiding under a rock for the past year! These are the new format of certificates that are being pushed by Google and Cloudflare to solve the issue of large public keys and signatures in ML-DSA […]

Read MoreMore Tag

wolfBoot for CNSA 2.0 Secure Boot on Zynq UltraScale+ MPSoC

Executive Summary Problem: Zynq UltraScale+ MPSoC secure boot authenticates the FSBL with RSA-4096 in immutable BootROM. CNSA 2.0 requires post-quantum algorithms for long-term software and firmware verification. RSA-4096 is not quantum-resistant, so the BootROM cannot be the final CNSA 2.0 firmware-authentication answer. Solution: Use wolfBoot as the system-level post-quantum authorization layer. Keep AMD secure boot […]

Read MoreMore Tag

wolfSSH Continues on the Post-Quantum Hybrid Key Exchange Journey

Go checkout the master branch of wolfSSH. Two new hybrid KEX methods have been added. Both are defined in draft-ietf-sshm-mlkem-hybrid-kex: mlkem768x25519-sha256 — ML-KEM-768 paired with X25519 mlkem1024nistp384-sha384 — ML-KEM-1024 paired with NIST P-384 This joins mlkem768nistp256-sha256 which has been there for a long time. Why hybrid The “harvest now, decrypt later” threat model means ciphertext […]

Read MoreMore Tag

PQC in cURL

When curl is built with wolfSSL as the TLS backend, you can get ML-KEM and ML-DSA post-quantum algorithm support in TLS 1.3, provided wolfSSL was configured with –enable-curl, –enable-mlkem and –enable-mldsa. Getting started with wolfSSL? Download the latest libraries here and start exploring. The following ML-KEM groups are available: Pure ML-KEM (post-quantum only) ML_KEM_512 ML_KEM_768 […]

Read MoreMore Tag

Performance and Portability: Post-Quantum Cryptography with wolfSSL and Vulkan

Post-quantum standards like ML-DSA introduce significant compute challenges. These lattice-based schemes rely on high-degree polynomial math that can overwhelm traditional CPUs, making GPU acceleration essential for high-volume environments. The primary bottlenecks occur during Key Generation and Signing. In ML-DSA, signature generation is particularly intensive due to rejection sampling. This process requires the algorithm to repeatedly […]

Read MoreMore Tag

Accelerating ML-DSA Key Generation with wolfSSL and CUDA

With the formalization of ML-DSA for post-quantum usage, lattice-based cryptography introduces a significant compute challenge. Unlike traditional ECC or RSA, ML-DSA relies on complex polynomial math across hundreds of dimensions, creating a performance wall for high-volume systems. To address this compute issue, wolfSSL can utilize CUDA to accelerate these lattice operations, offloading the heavy math […]

Read MoreMore Tag

PQC in the linux kernel

The linux kernel’s ctcrypto subsystem is powerful and flexible, containing the kernel’s internal implementations for familiar algorithms such as RSA and ECDSA, along with an API framework that allows registering cryptographic providers for other crypto-consuming modules. A quick glance at output from cat /proc/crypto shows a rich set of crypto drivers exposed, ranging from the […]

Read MoreMore Tag

Rust support for post-quantum cryptography

wolfSSL is excited to announce the addition of post-quantum cryptographic algorithms in Rust to the wolfSSL 2026 roadmap! The planned additions to the wolfSSL Rust API include the ML-KEM, ML-DSA, LMS, XMSS, Falcon, and SPHINCS+ algorithms. These additions will bring direct support to Rust projects for the robust wolfSSL implementations of the most future-proof post-quantum […]

Read MoreMore Tag

Posts navigation

1 2 3 4