Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Post-Quantum MQTT Support #415

Open
camblor opened this issue Jan 21, 2025 · 3 comments
Open

Post-Quantum MQTT Support #415

camblor opened this issue Jan 21, 2025 · 3 comments
Assignees
@anhu

Comments

@camblor
Copy link

camblor commented Jan 21, 2025

Hello,

I have followed the tutorial given in the README.md about Post-Quantum MQTT Support.
When reaching to the point where it's just executing the mqttclient, I got an error.

I have tried with liboqs 0.8.0 and 0.10.0. I do:

$ mkdir build
$ cd build
$ cmake -DOQS_USE_OPENSSL=0 ..
$ make all
$ sudo make install

After installing the library, for every liboqs version, I enter the following in the wolfssl latest version configuration:

$ ./configure --with-liboqs --enable-experimental --enable-kyber=yes,original
$ make all
$ sudo make install

The --enable-experimental is not included in the wolfssl INSTALL file, it just points to --with-liboqs, but I assumed it wouldn't cause any error, so I managed to compile wolfssl and install it with that configuration. The same happens about the --enable-kyber=yes,original, which happens to cause a problem when compiling wolfMQTT if it's not included.

In the instructions, it is said to copy some files from the cert folder of the publisher container:

  • /test/cert/CA.crt
  • /test/cert/publisher.crt
  • /test/cert/publisher.key

And the problem is that when executing the following command:

./examples/mqttclient/mqttclient -h 172.18.0.2 -t -A CA.crt -K publisher.key -c publisher.crt -m "Hello from post-quantum wolfMQTT!!" -n test/sensor1 -Q KYBER_LEVEL1

With every other instruction followed and this setup as base, an error arises:

Error loading CA CA.crt: -148 (ASN oid error, unknown sum id)
MQTT Socket Connect: Error (TLS Connect) (-6)

I would appreciate any help with this problem.
@anhu
Copy link
Member

anhu commented Jan 21, 2025

Hi Camblor.

I'm sorry to see you are having problems with our post-quantum integration in wolfMQTT. Its been a while since that work was done and it might need to be updated. Please let me try it out and report back what I'm seeing. Please stay tuned.

In the meantime can you let us know a bit about yourself and your project? For example, is this out of professional, academic or personal interest?

Warm regards, Anthony

@camblor
Copy link
Author

camblor commented Jan 22, 2025

Hi Anthony,

I'm working as Researcher-Engineer at Gradiant, a technology center where we research about cybersecurity among other topics. Here, we have a research project about the usage of post quantum cryptography in MQTT communication between IoT devices.
WolfMQTT makes a lot of sense here because of the lightweight requirements of IoT devices, so I was trying to make the client work and then start testing.

I'll stay tuned. If you require more information or something I can help with, please tell me.

Warm regards,
Alfonso.

@anhu
Copy link
Member

anhu commented Jan 30, 2025

Hi Alfonso,

I should let you know that we have our own implementation of Kyber/MLKEM and Dilithium/MLDSA So, you don't actually need to build and link against liboqs.

Please try this configure command for wolfSSL:

./configure --enable-experimental --enable-kyber --enable-dilithium

Warm regards, Anthony

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@anhu anhu

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@anhu @camblor