More about the Complexity of Post Quantum Cryptography

in my last post I presented a little study discussing the complexity of implementing Post Quantum Cryptography #PQC . It focussed on https://www.wolfssl.com/ which is a well respected library for all sorts of IOT devices. This also means that specific code for different platforms is contained therein and tends to emphasize the effect of complexity expressed in Software Lines of Code (SLOC) reported by SLOCCount. Here a follow-up study, this time with OpenSSL. OpenSSL claims to have introduced TLS 1.3 with OpenSSL 1.1.1, which suggests OpenSSL 1.1.0 didn't feature TLS 1.3 related code. Unfortunately, OpenSSL doesn't feature a PQC implementation yet, but there is another project called liboqs that builds upon OpenSSL and adds this capability. So let's compare those:

Introducing TLS 1.3 came with an increase of ?200.000 SLOC. Maintaining this code and adding PQC, accounts for another ?400.000 SLOC. If you want to know more about the differences of TLS 1.2 vs. TLS 1.3, then this is an excellent point to start: RFC8446 aka. TLS 1.3.

In summary: security relevant code quickly increased in SLOC-count in the past ten years. While it brings improvements in bug-fixing, performance and new algorithms, one should not under-estimate the challenge introduced by the additional complexity. The 'betterness' of PQC vs. TLS 1.3 is not just given; it needs to be proven in the wild.