Post-quantum TLS 1.3
PQShield’s post-quantum TLS 1.3 demo illustrates how post-quantum cryptography can be integrated into the key exchange algorithms and digital signature schemes used within TLS to construct a handshake protocol that is fully resistant to quantum computers.
The demonstration servers use nginx compiled against a modified variant of OpenSSL 1.1.1 and use PQShield’s PQSDK:PQTLS OpenSSL engine to provide implementations of post-quantum cryptographic primitives.
The server side of the demo consists of a large number of virtual servers, each configured to support exactly one combination of TLS key exchange and signature algorithm. The Server Name Indication (SNI) TLS extension is used to route traffic to the appropriate server.
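The SNI routing step described above, as an added example that is not PQShield's code: it reads the cleartext `server_name` extension from a ClientHello and selects the one algorithm pair assigned to that virtual server. The hostnames and function names are constructed for illustration; only the algorithm names come from this page.

```python
import struct

# Constructed hostnames (.example is reserved); the algorithm pairs are rows of the page's tables.
VHOSTS = {
    "kyber512-falcon512.demo.example": ("KYBER_512", "FALCON_512"),
    "p256kyber512-p256dilithium2.demo.example":
        ("ECDH_P256-KYBER_512", "ECDSA_P256_SHA256-DILITHIUM_2"),
}

def build_client_hello(host: str) -> bytes:
    """Constructed sample input: a minimal ClientHello record carrying only SNI."""
    name = host.encode("ascii")
    entry = b"\x00" + struct.pack("!H", len(name)) + name    # name_type 0 = host_name
    sni = struct.pack("!H", len(entry)) + entry              # ServerNameList
    ext = struct.pack("!HH", 0, len(sni)) + sni              # extension 0 = server_name
    body = (b"\x03\x03" + bytes(32) + b"\x00"                # version, random, empty session id
            + b"\x00\x02\x13\x01" + b"\x01\x00"              # one cipher suite, null compression
            + struct.pack("!H", len(ext)) + ext)
    hs = b"\x01" + len(body).to_bytes(3, "big") + body       # handshake type 1 = client_hello
    return b"\x16\x03\x01" + struct.pack("!H", len(hs)) + hs # record type 0x16 = handshake

def extract_sni(rec: bytes):
    """Return the lower-cased host_name from a ClientHello record, else None."""
    try:
        if rec[0] != 0x16 or rec[5] != 0x01:
            return None
        p = 5 + 4 + 2 + 32                                   # headers, version, random
        p += 1 + rec[p]                                      # legacy_session_id
        p += 2 + int.from_bytes(rec[p:p + 2], "big")         # cipher_suites
        p += 1 + rec[p]                                      # compression_methods
        end = min(p + 2 + int.from_bytes(rec[p:p + 2], "big"), len(rec))
        p += 2
        while p + 4 <= end:
            etype, elen = struct.unpack("!HH", rec[p:p + 4])
            p += 4
            if etype == 0:                                   # server_name extension
                nlen = (rec[p + 3] << 8) | rec[p + 4]        # IndexError if truncated
                name = rec[p + 5:p + 5 + nlen]
                if rec[p + 2] != 0 or len(name) != nlen:     # wrong type or truncated
                    return None
                return name.decode("ascii").lower()
            p += elen
    except (IndexError, UnicodeDecodeError):
        return None
    return None

def route(rec: bytes):
    """Select the virtual server's (key exchange, signature) pair; None means no match."""
    return VHOSTS.get(extract_sni(rec))
```

Because the name is read before any key exchange takes place, the routing decision itself is not protected by the post-quantum handshake; an unknown or malformed name returns `None` so the caller can refuse the connection.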
To build the client side of the demo, PQShield have patched a version of the BoringSSL library and the Chromium web browser to add support for post-quantum cryptography. Demonstration root certificate authority (CA) certificates have been hardcoded into the modified Chromium to allow us to serve a fully post-quantum PKI certificate chain from server to root.
Warning: do not use the patched Chromium browser to connect to any website other than this demonstration website!
Try it out
Use the following links to connect to a server using an HTTPS connection protected by a fully quantum-resistant TLS 1.3 handshake.
Key exchange algorithm | Signature algorithm | Link |
---|---|---|
KYBER_512 | FALCON_512 | Go! |
KYBER_512 | DILITHIUM_2 | Go! |
KYBER_512 | SPHINCS_SHAKE256_128_SR | Go! |
KYBER_512 | SPHINCS_SHAKE256_128_SS | Go! |
KYBER_768 | DILITHIUM_4 | Go! |
KYBER_1024 | FALCON_1024 | Go! |
The following servers use “hybrid” cryptography, pairing a post-quantum key exchange or signature algorithm with a classical elliptic curve scheme.
Key exchange algorithm | Signature algorithm | Link |
---|---|---|
ECDH_P256-KYBER_512 | ECDSA_P256_SHA256-FALCON_512 | Go! |
ECDH_P256-KYBER_512 | ECDSA_P256_SHA256-DILITHIUM_2 | Go! |
ECDH_P256-KYBER_512 | ECDSA_P256_SHA256-SPHINCS_SHAKE256_128_SR | Go! |
ECDH_P256-KYBER_512 | ECDSA_P256_SHA256-SPHINCS_SHAKE256_128_SS | Go! |
ECDH_P384-KYBER_768 | ECDSA_P521_SHA512-DILITHIUM_4 | Go! |
ECDH_P521-KYBER_1024 | ECDSA_P521_SHA512-FALCON_1024 | Go! |