====== 1. Concepts ======

Fundamental concepts of post-quantum cryptography and this library.

----

===== Contents =====

^ Topic ^ Description ^
| [[.:algorithmen|1.1 Algorithms]] | ML-DSA, ML-KEM, NIST standards |
| [[.:sicherheit|1.2 Security]] | Threat model, Harvest-Now-Decrypt-Later |
| [[.:vergleich-dotnet10|1.3 Comparison with .NET 10]] | Why WvdS instead of Microsoft PQC? |

----

===== Why Post-Quantum? =====

**The Problem:** Classical cryptography (RSA, ECDSA) can be broken by quantum computers. Data intercepted today could be decrypted in the future.

**The Solution:** Post-quantum algorithms (ML-DSA, ML-KEM) are resistant to quantum attacks. They are standardized by NIST((NIST PQC: https://csrc.nist.gov/projects/post-quantum-cryptography)) and implemented in OpenSSL 3.6+.

**Our Approach:** Hybrid cryptography - classical and PQ algorithms in parallel. Backward compatible, future-proof.

----

===== Library Scope =====

WvdS.System.Security.Cryptography.Extensions focuses on **asymmetric post-quantum cryptography**:

^ In Scope (WvdS) ^ Out of Scope (.NET Built-in) ^
| ML-DSA signatures | AES-GCM encryption |
| ML-KEM key exchange | ChaCha20-Poly1305 |
| Hybrid certificates | Symmetric encryption |
| X.509 PQ extensions | Hash functions (SHA-256/384/512) |

**Rule of thumb:** Use WvdS only for asymmetric operations (signatures, key exchange, certificates). For symmetric encryption, use the .NET standard library directly.

----

===== The Three Crypto Modes =====

^ Mode ^ Algorithms ^ Compatibility ^ Usage ^
| Classic | RSA, ECDSA, ECDH | Universal | Legacy systems |
| **Hybrid** | RSA + ML-DSA, ECDH + ML-KEM | Forward/Backward | Migration (recommended) |
| PostQuantum | ML-DSA, ML-KEM | PQ-capable only | New PQ-only systems |

<mermaid>
flowchart TD
    START(["Which mode to choose?"]) --> Q1{"All systems<br>PQ-capable?"}
    Q1 -->|Yes| Q2{"Backward<br>compatibility<br>needed?"}
    Q1 -->|No| Q3{"OpenSSL 3.6<br>available?"}
    Q2 -->|No| PQ["PostQuantum<br>ML-DSA / ML-KEM"]
    Q2 -->|Yes| HYB["Hybrid<br>RSA+ML-DSA / ECDH+ML-KEM"]
    Q3 -->|Yes| HYB
    Q3 -->|No| CLS["Classic<br>RSA / ECDSA / ECDH"]
    style PQ fill:#4caf50,color:#fff
    style HYB fill:#2196f3,color:#fff
    style CLS fill:#ff9800,color:#fff
    style START fill:#9c27b0,color:#fff
</mermaid>

==== Classic Mode ====

<code csharp>
CryptoConfig.DefaultMode = CryptoMode.Classic;
</code>

Only classical algorithms. For legacy compatibility or systems without OpenSSL 3.6.

==== Hybrid Mode (recommended) ====

<code csharp>
CryptoConfig.DefaultMode = CryptoMode.Hybrid;
</code>

Both algorithms in parallel. Legacy clients ignore PQ extension, modern ones validate both.

==== PostQuantum Mode ====

<code csharp>
CryptoConfig.DefaultMode = CryptoMode.PostQuantum;
</code>

Only use when **all** participating systems are PQ-capable!

==== Override Per-Operation ====

<code csharp>
// Global: Hybrid
CryptoConfig.DefaultMode = CryptoMode.Hybrid;

// This operation: PostQuantum
var cert = request.CreateSelfSigned(notBefore, notAfter, CryptoMode.PostQuantum);
</code>

----

===== Algorithm Overview =====

-> Details: [[.:algorithmen|Algorithms]]

**Signatures (ML-DSA):**

  * Replaces RSA/ECDSA for digital signatures
  * NIST FIPS 204((NIST FIPS 204: https://csrc.nist.gov/pubs/fips/204/final))

**Key Exchange (ML-KEM):**

  * Replaces ECDH for key agreement
  * NIST FIPS 203((NIST FIPS 203: https://csrc.nist.gov/pubs/fips/203/final))

----

===== Further Reading =====

  * [[en:int:pqcrypt:developer:start|Developer]] - Technical integration
  * [[en:int:pqcrypt:business:start|Business]] - Compliance, strategy

----

//Wolfgang van der Stille @ EMSR DATA d.o.o. - Post-Quantum Cryptography Professional//

{{tag>concepts pq-crypto fundamentals}}