A decade after it was first established, the Waterloo-founded Open Quantum Safe project now has a permanent home. Today, the Linux Foundation announced the launch of the Post-Quantum Cryptography Alliance (PQCA), an initiative that unites public and private technology leaders including Amazon Web Services (AWS), Cisco, Google, IBM, IntellectEU, Keyfactor, Kudelski IoT, NVIDIA, QuSecure, SandboxAQ, and the University of Waterloo to address cryptographic security challenges posed by quantum computing.

“We are working to create future-proof security measures that will be resistant to quantum computing attacks before those become an imminent threat,” said Dr. Douglas Stebila, professor of Combinatorics and Optimization at the University of Waterloo. “The collaborative approach between academia, industry and government to develop new cryptographic algorithms publicly ensures that some of the world’s best scientific minds are vetting the security of this important new technology.”

The PQCA is particularly significant because of its central commitment to open-source software and collaboration. “The mission of the Post-Quantum Cryptography Alliance is to develop and promote open-source software solutions that address the security challenges posed by quantum computing," said Jim Zemlin, executive director of the Linux Foundation. "By establishing an open and collaborative environment for innovation, the PQCA will help accelerate the development and adoption of post-quantum cryptography in open source and beyond.” 

The PQCA expands on the ethos that motivates the Open Quantum Safe project, which was established in 2014 by two Waterloo professors: Stebila and Dr. Michele Mosca, professor of Combinatorics and Optimization and co-founder of the University of Waterloo’s Institute for Quantum Computing. The project — which has grown to include more than 40 contributors around the world as well as several private and public sponsors — supports open-source development and prototyping of quantum-resistant cryptography.

The OQS Project has two focuses: liboqs, an open-source C library for quantum-resistant cryptographic algorithms, and prototype integrations into protocols and applications, including an integration into the widely used OpenSSL library.

“We are proud that the Open Safe Quantum Project is continuing with the launch of the Post-Quantum Cryptography Alliance,” said Norbert Lütkenhaus, executive director of the Institute for Quantum Computing at the University of Waterloo. “Indeed, the important work of Michele Mosca and Douglas Stebila since starting the open-source project a decade ago will greatly impact post-quantum technologies and the security of data for industry and customers.”

For Mosca and Stebila, who have been with the project since the beginning, the high-profile partnership is particularly affirming. “When I started at Waterloo, post-quantum cryptography was on the utmost fringes of modern cryptography, with a heavy focus on foundational academic research,” Mosca said. “A rapidly growing community of researchers have further developed these foundations and expanded into the development of robust protocols, implementations, and the rich spectrum of research and development needed to have trustworthy, certifiable and widespread deployments in real-world systems.”

To learn more about the Post-Quantum Cryptography Alliance, read the press release from the Linux Foundation.