Bouncy Castle and a Post-Quantum future: API Changes, Protocol Issues, and Performance

With the finalization of the initial three NIST standards for PQC, together with supporting standards from the IETF and X9, it has become possible to produce holistic implementations supporting the new PQC algorithms in Bouncy Castle APIs. Holistic in this case, means that in addition to supporting the algorithms themselves, it is now possible to meet the other requirements, such as support in CMS/SMIME, Time Stamping, or PGP protocol. Things which are really what make an algorithm "useful" as they do not require developers to work directly with the algorithms themselves and implicitly allow for a level of agility in code design. Of course the consideration of things like Time Stamping, immediately calls to question what do we do with the Time Stamps that we have? It turns out there are also, already, standards for supporting that use case as well. This talk will look at how the BC APIs have adapted to the new PQC algorithms, what we have done to improve "usefulness" while still allowing for, we hope, peaceful migration from the past, and what performance issues we have seen around this migration so far as well as what we have tried to do in order to help our user community take some of these things into account.