Skip to content

Add security research guidance and threat model#2477

Draft
tob-scott-a wants to merge 1 commit into
open-quantum-safe:mainfrom
tob-scott-a:deliverable/docs-security-guidance
Draft

Add security research guidance and threat model#2477
tob-scott-a wants to merge 1 commit into
open-quantum-safe:mainfrom
tob-scott-a:deliverable/docs-security-guidance

Conversation

@tob-scott-a

Copy link
Copy Markdown

This adds two Markdown files under .github to instruct AI agents how to more effectively work with liboqs. The intention is to improve the signal-to-noise ratio and reduce the rate of invalid LLM-generated security reports.

  • Does this PR change the input/output behaviour of a cryptographic algorithm (i.e., does it change known answer test values)? (If so, a version bump will be required from x.y.z to x.(y+1).0.)
    • No.
  • Does this PR change the list of algorithms available -- either adding, removing, or renaming? Does this PR otherwise change an API? (If so, PRs in fully supported downstream projects dependent on these, i.e., oqs-provider will also need to be ready for review and merge by the time this is merged. Also, make sure to update the list of algorithms in the continuous benchmarking files: .github/workflows/kem-bench.yml and sig-bench.yml)
    • No.

These documents were generated by Codex-5.5-Cyber as part of the Patch the Planet program.

Signed-off-by: Scott Arciszewski <scott.arciszewski@trailofbits.com>
@tob-scott-a tob-scott-a force-pushed the deliverable/docs-security-guidance branch from ae641aa to 188dae9 Compare June 26, 2026 19:31
@coveralls

Copy link
Copy Markdown

Coverage Status

Coverage is 82.299%tob-scott-a:deliverable/docs-security-guidance into open-quantum-safe:main. No base build found for open-quantum-safe:main.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants