OpenSSL Algorithm Support

Algorithm Support Summary

OpenSSL 3.5.0 introduces native support for the NIST-standardised PQC algorithms ML-KEM, ML-DSA, and SLH-DSA. This project integrates these algorithms for TLS benchmarking where possible. However, some limitations affect their usage in performance testing and handshake scenarios:

Known Limitations

• ML-DSA and SLH-DSA are currently not supported by the OpenSSL speed utility, making them unavailable for cryptographic performance benchmarking.

• SLH-DSA while supported at the provider level (e.g., for certificate generation), has not yet been integrated into OpenSSL's TLS stack (s_client, s_server, speed). Its inclusion in TLS 1.3 is under consideration via this IETF draft. Until then, SPHINCS+ from the OQS-Provider will be used as a placeholder for stateless hash-based signatures in TLS tests.

• The X448MLKEM1024 Hybrid-PQC KEM is implemented and supported by OpenSSL's speed tool, but not registered as a TLS group. It is excluded from handshake testing, though it remains available for TLS speed testing within this project.

Classical Algorithm Benchmarks

To provide performance baselines for comparison, classical algorithms are also included in TLS benchmarking:

• RSA-2048, RSA-3072, RSA-4096
• prime256v1, secp384r1, secp521r1

These schemes help assess the overhead and feasibility of PQC adoption in real-world contexts.

Supported KEM Algorithms

Algorithm Name	Hybrid Algorithm (*)	TLS Handshake Test Support (*)	OpenSSL Speed Test Support (*)
MLKEM512		*	*
MLKEM768		*
MLKEM1024		*	*
X25519MLKEM768	*	*	*
X448MLKEM1024	*		*
SecP256r1MLKEM768	*	*	*
SecP384r1MLKEM1024	*	*	*

Supported Digital Signature Algorithms

Algorithm Name	Hybrid Algorithm (*)	TLS Handshake Test Support (*)	OpenSSL Speed Test Support (*)
MLDSA44		*
MLDSA65		*
MLDSA87		*

Supported Classical Algorithms

Algorithm Name	TLS Handshake Test Support (*)	OpenSSL Speed Test Support (*)
RSA-2048	*	*
RSA-3072	*	*
RSA-4096	*	*
prime256v1	*	*
secp384r1	*	*
secp521r1	*	*