From 2958e5e4cfff8e7e8a8a113dca65dec028deb5aa Mon Sep 17 00:00:00 2001 From: Werner Koch Date: Wed, 24 Apr 2024 09:56:30 +0200 Subject: gpg: New option --require-pqc-encryption * g10/gpg.c (oRequirePQCEncryption): New. (opts): Add option. (main): Set option. * g10/mainproc.c (print_pkenc_list): Print a warning. * g10/options.h (flags): Add flag require_pqc_encryption. * g10/getkey.c (finish_lookup): Skip non-pqc keys if the option is set. -- GnuPG-bug-id: 6815 --- doc/gpg.texi | 9 +++++++++ 1 file changed, 9 insertions(+) (limited to 'doc') diff --git a/doc/gpg.texi b/doc/gpg.texi index 10a1937f6..446189b4b 100644 --- a/doc/gpg.texi +++ b/doc/gpg.texi @@ -3146,6 +3146,15 @@ This option adjusts the compliance mode "de-vs" for stricter key size requirements. For example, a value of 3000 turns rsa2048 and dsa2048 keys into non-VS-NfD compliant keys. +@item --require-pqc-encryption +@opindex require-pqc-encryption +This option forces the use of quantum-resistant encryption algorithms. +If not all public keys are quantum-resistant the encryption will fail. +On decryption a warning is printed for all non-quantum-resistant keys. +As of now the Kyber (ML-KEM768 and ML-KEM1024) algorithms are +considered quantum-resistant; Kyber is always used in a composite +scheme along with a classic ECC algorithm. + @item --require-compliance @opindex require-compliance To check that data has been encrypted according to the rules of the -- cgit v1.2.3
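Review bot: the new @item text in the doc/gpg.texi hunk does not explain how the encryption-time failure arises, although the commit message does: g10/getkey.c (finish_lookup) skips non-PQC keys when the option is set, so a recipient whose only encryption subkeys are classical is treated as having no usable key. Readers will otherwise expect a dedicated compliance error rather than a key-lookup failure; consider stating it, e.g. "Key lookup skips non-quantum-resistant encryption subkeys, so encryption fails for recipients without a Kyber subkey." Two smaller points on the same hunk: the sentence "If not all public keys are quantum-resistant the encryption will fail." needs a comma after the conditional clause, and since the option sits directly above @item --require-compliance it would help to say whether the two options are independent or cumulative, as the hunk leaves that relationship implicit.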