This docker image contains a version of the GNOME Web/epiphany web browser built to also properly execute quantum-safe crypto (QSC) TLS operations.
To this end, it contains QSC algorithms implemented by liboqs and made available to OpenSSL(3) via oqs-provider developed as part of the OpenQuantumSafe project.
The image is based on Ubuntu and requires the host to run the Unix X-Window system.
This demo is based on work done by Igor Barshteyn.
Execute this command to open the epiphany browser window on your host:
docker run --net=host --privileged --env="DISPLAY" openquantumsafe/epiphany
Note: You may need to grant permissions for Docker to access the X display:
xhost +si:localuser:$USER
It might also be necessary to mount the ".Xauthority" file suitably:
docker run --net=host --privileged --env="DISPLAY" --volume="$HOME/.Xauthority:/home/oqs/.Xauthority:rw" openquantumsafe/epiphany
Go to https://test.openquantumsafe.org where all standardized and most of the quantum-safe algorithms that are still part of the NIST PQC competition are available for TLS interoperability testing.
Note: By default, only the algorithms "p521_kyber1024:kyber768:x25519" are supported by the configuration built into this Docker image. This list can be arbitrarly extended by passing a colon-delimited list of any of the KEM algorithms supported by oqs-provider, e.g.:
docker run --net=host --privileged --env="DISPLAY" openquantumsafe/epiphany frodo640aes:kyber512
This way, all algorithms available at their respective test ports can be trialed at https://test.openquantumsafe.org.
If you want to set up your own server running QSC algorithms, check out OQS-httpd/Apache or OQS-nginx.