A Survey of Post-Quantum Cryptography Support in Cryptographic Libraries

TL;DR

This survey assesses the current state of post-quantum cryptography support in major open-source cryptographic libraries, highlighting their readiness, challenges, and the need for coordinated efforts to ensure quantum-resistant security.

Contribution

It provides a comprehensive evaluation of PQC implementation status in nine popular cryptographic libraries, identifying gaps and challenges in their adoption as of 2025.

Findings

Varied support for PQC algorithms across libraries

Some libraries have integrated PQC or have roadmaps

Significant gaps and challenges remain in adoption

Abstract

The rapid advancement of quantum computing poses a significant threat to modern cryptographic systems, necessitating the transition to Post-Quantum Cryptography (PQC). This study evaluates the support for PQC algorithms within nine widely used open-source cryptographic libraries -- OpenSSL, wolfSSL, BoringSSL, LibreSSL, Bouncy Castle, libsodium, Crypto++, Botan, and MbedTLS -- focusing on their implementation of the NIST-selected PQC finalists: CRYSTALS-Kyber, CRYSTALS-Dilithium, FALCON, and SPHINCS+. Our analysis, based on the latest available documentation, release notes, and industry reports as of early 2025, reveals a varied state of readiness across these libraries. While some libraries have integrated PQC support or have clear implementation roadmaps, others lag behind, creating potential security risks as quantum threats become more imminent. We discuss key challenges, including performance trade-offs, implementation security, and adoption hurdles in real-world cryptographic applications. Our findings highlight the urgent need for continued research, standardization efforts, and coordinated adoption strategies to ensure a secure transition to the quantum-resistant cryptographic landscape.