A Survey of Post-Quantum Cryptography Support in Cryptographic Libraries

Files

2508.16078v1.pdf (1.64 MB)

Links to Files

http://arxiv.org/abs/2508.16078

Permanent Link

https://doi.org/10.48550/arXiv.2508.16078
 http://hdl.handle.net/11603/40353

Collections

UMBC Center for Real-time Distributed Sensing and Autonomy
UMBC College of Engineering and Information Technology Dean's Office
UMBC Faculty Collection
UMBC Information Systems Department
UMBC Student Collection

Author/Creator

Author/Creator ORCID

https://orcid.org/0000-0001-9343-3654
 https://orcid.org/0000-0002-7553-7932

Date

2025-08-22

Type of Work

postprints
conference papers and proceedings
Text

Department

Program

Citation of Original Publication

Rights

This item is likely protected under Title 17 of the U.S. Copyright Law. Unless on a Creative Commons license, for uses protected by Copyright Law, contact the copyright holder or the author.

Subjects

UMBC Emerging Software Technologies Lab
UMBC Center for Cybersecurity
Computer Science - Cryptography and Security
UMBC Accelerated Cognitive Cybersecurity Laboratory
Computer Science - Networking and Internet Architecture
UMBC Accelerated Cognitive Cybersecurity Laboratory

Abstract

The rapid advancement of quantum computing poses a significant threat to modern cryptographic systems, necessitating the transition to Post-Quantum Cryptography (PQC). This study evaluates the support for PQC algorithms within nine widely used open-source cryptographic libraries -- OpenSSL, wolfSSL, BoringSSL, LibreSSL, Bouncy Castle, libsodium, Crypto++, Botan, and MbedTLS -- focusing on their implementation of the NIST-selected PQC finalists: CRYSTALS-Kyber, CRYSTALS-Dilithium, FALCON, and SPHINCS+. Our analysis, based on the latest available documentation, release notes, and industry reports as of early 2025, reveals a varied state of readiness across these libraries. While some libraries have integrated PQC support or have clear implementation roadmaps, others lag behind, creating potential security risks as quantum threats become more imminent. We discuss key challenges, including performance trade-offs, implementation security, and adoption hurdles in real-world cryptographic applications. Our findings highlight the urgent need for continued research, standardization efforts, and coordinated adoption strategies to ensure a secure transition to the quantum-resistant cryptographic landscape.