Implementing Post-quantum Cryptography for Developers

Julius Hekkala, Mari Muurman, Kimmo Halunen, Visa Vallivaara (Corresponding Author)

Research output: Contribution to journalArticleScientificpeer-review

4 Citations (Scopus)
113 Downloads (Pure)


Widely used public key cryptography is threatened by the development of quantum computers. Post-quantum algorithms have been designed for the purpose of protecting sensitive data against attacks with quantum computers. National Institute of Standards and Technology has recently reached the end of the third round of post-quantum standardization process and has published three digital signatures and one key encapsulation mechanism for standardization. Three of the chosen algorithms are based on lattices. When implementing complex cryptographic algorithms, developers commonly use cryptographic libraries in their solutions to avoid mistakes. However, most of the open-source cryptography libraries do not yet have post-quantum algorithms integrated in them. We chose a C++ cryptography library, Crypto++, and created a fork where we integrated four lattice-based post-quantum algorithms. We analyzed the challenges in the process as well as the performance, correctness and security of the implemented algorithms. The performance of the integrated algorithms was overall good, but the integration process had its challenges, many of which were caused by the mathematical complexity of lattice-based algorithms. Different open-source implementations of post-quantum algorithms will be essential to their easier use for developers. Usability of the implementations is also important to avoid possible mistakes when using the algorithms.
Original languageEnglish
Article number365
Number of pages14
JournalSN Computer Science
Issue number4
Publication statusPublished - Jul 2023
MoE publication typeA1 Journal article-refereed


  • C++
  • Lattice cryptography
  • Post-quantum cryptography
  • Programming library


Dive into the research topics of 'Implementing Post-quantum Cryptography for Developers'. Together they form a unique fingerprint.

Cite this