Hi Alberto,
Thank you for reaching out and for sharing the details of your work on integrating Post-Quantum algorithms into the Mbed TLS stack. It's great to see the outcomes of the QUBIP project being made available under an open-source license, and your efforts in hybrid KEM/signature integration are certainly of interest.
As Mbed TLS is maintained under the umbrella of trustedfirmware.orghttps://www.trustedfirmware.org, contributions and strategic direction are guided by the community governance process outlined on the website. For coordination around contribution roadmaps and priorities, I recommend getting in touch with the Mbed TLS Product Manager, Shebu Varghese Kuriakose (Shebu.VargheseKuriakose@arm.com), who can help navigate that process.
Please note that larger contributions such as yours typically need to be broken down into smaller, manageable units, and we often require more extensive testing and effort than contributors initially anticipate. So, before diving into integration, we’ll first need to assess how much of the proposed work aligns with the current direction of the project and whether there's mutual interest in pursuing it further.
Looking forward to further discussion, and thank you again for reaching out and contributing to the broader open-source ecosystem.
Best regards, Janos
From: Alberto Battistello via mbed-tls mbed-tls@lists.trustedfirmware.org Date: Thursday, 8 May 2025 at 16:46 To: mbed-tls@lists.trustedfirmware.org mbed-tls@lists.trustedfirmware.org Subject: [mbed-tls] PQC code from European Project QUBIP - Security Pattern
Hi all, I am writing in behalf of Security Pattern, a security firm specialized in embedded systems. We are a member of the QUBIP European Funded Project (https://qubip.eu), which aims at transitioning protocols, networks, and systems to Post Quantum algorithms. As a result of the project, we have integrated a set of Post Quantum algorithms in the TLS1.3 stack of the MbedTLS code (see here https://github.com/QUBIP/pq-mqtt-client-mbedtls).
We have code running on STM32 Nucleo board in two versions: the former is a full software, by leveraging the crypto primitives provided in a library developed by another partner, the latter using a Secure Element emulated by FPGA connected via I2C (also developed by another partner of QUBIP). Our main work has beed dedicated to integrating the new hybrid KEM and signatures (MLKEM768-x25519 and MLDSA44-Ed25519) into the TLS stack, in order to demonstrate communication with an MQTT broker running OpenSSL.
At the current stage we are about to publish the code on github with MIT license (here https://github.com/QUBIP/pq-mqtt-client-mbedtls). Meanwhile, we think the effort we made could be of help for MBedTLS development/developers. So I would like to ask if you can address me to some contact that is responsible in MbedTLS or ARM about the PQC transition or the best way to facilitate the use/integration of our work.
Best Regards, Alberto --
[Image removed by sender. Security Pattern]https://www.securitypattern.com/
Alberto Battistello Senior Security Engineer M. +39 333 3239810 Via G. Boccaccio, 58 | 25080 Mazzano (BS) | Italy | P.I. 03943650980 www.securitypattern.comhttps://www.securitypattern.com/?utm_source=newsletter&utm_medium=email&utm_campaign=email_signature | Follow Linkedinhttps://www.linkedin.com/company/securitypattern/ | We value your privacyhttps://www.iubenda.com/privacy-policy/40319464/legal