Paragon Initiative Enterprises

@[email protected]
50 Followers
7 Following
60 Posts
Software security, cryptography, open source.
Websitehttps://paragonie.com
GitHubhttps://github.com/paragonie
Show threadParagon Initiative Enterprises3d ago
@ocramius Not yet: https://www.yubico.com/blog/future-proofing-authentication-a-look-at-the-future-of-post-quantum-cryptography/
Future-proofing authentication: A look at the future of post-quantum cryptography

Security is evolving. Our mission is to make the strongest option the easiest option across login, approvals, and identity-rich scenarios.

Yubico
Paragon Initiative Enterprises3d ago

RE: https://phpc.social/@paragon/116364892926842512

We were originally planning to publish this on April 15, the 11 year anniversary of our inaugural blog post.

However, the accelerated timelines from Google and Cloudflare indicated that waiting another week is delaying it too much. So we pushed publish today instead.

Show threadParagon Initiative Enterprises3d ago

For folks that cannot install extensions (or just don't have a Rust toolchain setup):

https://github.com/paragonie/pqcrypto_compat

GitHub - paragonie/pqcrypto_compat: Pure-PHP implementation of Post-Quantum Cryptography Algorithms

Pure-PHP implementation of Post-Quantum Cryptography Algorithms - paragonie/pqcrypto_compat

GitHub
Show threadParagon Initiative Enterprises3d ago

The PHP extension (written in Rust):

https://github.com/paragonie/ext-pqcrypto

GitHub - paragonie/ext-pqcrypto: Post-Quantum Cryptography for PHP

Post-Quantum Cryptography for PHP. Contribute to paragonie/ext-pqcrypto development by creating an account on GitHub.

GitHub
Paragon Initiative Enterprises3d ago

We're excited to finally make #postquantum #cryptography possible in the #PHP ecosystem

https://paragonie.com/blog/2026/04/post-quantum-cryptography-for-php-community

Post-Quantum Cryptography for the PHP Community - Paragon Initiative Enterprises Blog

Announcing a PHP extension and pure-PHP polyfill providing post-quantum cryptography for the PHP open source software community.

Show threadParagon Initiative EnterprisesApr 3
If you'd like to hear more, tune in later this month.
Show threadParagon Initiative EnterprisesApr 3

Not directly relevant:

We're currently cooking up a PHP extension (with a separate, pure-PHP polyfill for users that cannot install extensions).

The adoption and migration pains that PHP users experience are something we take very seriously.

Paragon Initiative EnterprisesApr 3

If you're confident you don't need our sodium polyfill in your project, by all means, use ext-sodium instead.

But if you're writing a package other people use, tread carefully.

https://old.reddit.com/r/PHP/comments/1sbceco/dependency_hygiene/oe38qpv/

Show threadParagon Initiative EnterprisesDec 30

WordPress ticket: https://core.trac.wordpress.org/ticket/64462#ticket

Pull Request to prevent Composer from installing affected versions if Roave/SecurityAdvisories is used: https://github.com/FriendsOfPHP/security-advisories/pull/756

Paragon Initiative EnterprisesDec 30

# sodium_compat security release

* https://github.com/paragonie/sodium_compat/releases/tag/v2.5.0
* https://github.com/paragonie/sodium_compat/releases/tag/v1.24.0

Further information: https://00f.net/2025/12/30/libsodium-vulnerability/

Release Version 2.5.0 · paragonie/sodium_compat

Security Fix Read: A vulnerability in libsodium This fixes a congruent issue in the main branch of the PHP implementation. For older PHP versions, see v1.24.0 instead.

GitHub