In May 2024, TrustFour conducted a comprehensive Transport Layer Security (TLS) scan across the externally facing websites and domains of the Fortune 1000. Of all Fortune 1000 domains, only 177 supported the post quantum hybrid key encapsulation cipher suite X25519_Kyber768.
The result is not surprising, given that post quantum support has not yet been incorporated into an IETF standard for TLS; the IETF draft on Hybrid Key Exchange in TLS 1.3 is the only specification we found supported.
It should also be noted that no other post quantum algorithm was supported. To validate this, TrustFour scanned for support of the following ten (10) post quantum algorithms: kyber512, p256_kyber512, x25519_kyber512, p256_kyber768, x25519_kyber768, kyber768, p384_kyber768, x448_kyber768, kyber1024, and p521_kyber1024.
TrustFour plans to publish this report every quarter and will include progress charts at the end of Q3 2024. To see whether your site is configured for post quantum key exchange, use our free TLS Compliance checking site.
The rise of quantum computing poses a significant threat to the classical encryption algorithms used in Transport Layer Security (TLS). Once sufficiently advanced, quantum computers could break widely used cryptographic schemes such as RSA and elliptic curve cryptography (ECC), which are currently considered secure and form the basis of the key exchange used within TLS. This vulnerability primarily affects three aspects of TLS:
One of the most pressing concerns is the notion of “capture now, decrypt later.” This concept refers to the ability of adversaries to capture encrypted communications today and store them until they have access to quantum computers capable of decrypting them. This future threat necessitates the immediate adoption of quantum-resistant algorithms to protect sensitive information from being compromised in the future.
The Internet Engineering Task Force (IETF) has been actively working on developing standards to incorporate post-quantum cryptographic algorithms into existing protocols. The draft RFC for X25519_Kyber768 represents one such effort, introducing a hybrid approach that combines the classical X25519 elliptic curve key exchange with the quantum-resistant Kyber768 algorithm.
This hybrid method ensures that even if one of the algorithms is broken (e.g., by a quantum computer), the other still provides security, thus safeguarding the key exchange process. The draft RFC outlines the technical specifications, integration guidelines, and security considerations for deploying this hybrid cipher suite within TLS.
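The scan described above comes down to two wire-format questions: which NamedGroups a client offers in `supported_groups`, and which one the server selects in its ServerHello `key_share`. The following added example (not TrustFour's scanner or code from the draft) builds the offer and parses a server's selection; the 0x6399 codepoint for X25519Kyber768Draft00 and the 1120-byte server share (32-byte X25519 key || 1088-byte Kyber768 ciphertext) are taken from the draft hybrid deployments rather than from the report, and the sample key_share bytes are constructed, not captured.

```python
import struct

# TLS 1.3 NamedGroup codepoints: RFC 8446 values for the classical groups,
# 0x6399 for X25519Kyber768Draft00 (draft hybrid deployment codepoint).
NAMED_GROUPS = {
    "secp256r1": 0x0017,
    "secp384r1": 0x0018,
    "x25519": 0x001D,
    "X25519Kyber768Draft00": 0x6399,
}
GROUP_NAMES = {v: k for k, v in NAMED_GROUPS.items()}

# Expected length of the server's key_exchange field per group. For the hybrid
# it is the X25519 public key (32) followed by the Kyber768 ciphertext (1088).
SERVER_SHARE_LEN = {0x001D: 32, 0x0017: 65, 0x0018: 97, 0x6399: 32 + 1088}

def build_supported_groups(names):
    """Encode a ClientHello supported_groups extension (type 0x000a) offering `names` in order."""
    body = b"".join(struct.pack("!H", NAMED_GROUPS[n]) for n in names)
    ext_data = struct.pack("!H", len(body)) + body
    return struct.pack("!HH", 0x000A, len(ext_data)) + ext_data

def parse_server_key_share(ext_data):
    """Parse a ServerHello key_share body (group(2) || length(2) || key_exchange).

    Returns (group name, key_exchange length) and rejects truncated or
    wrong-sized shares so a scanner does not misreport a malformed response.
    """
    if len(ext_data) < 4:
        raise ValueError("key_share too short")
    group, ke_len = struct.unpack("!HH", ext_data[:4])
    key_exchange = ext_data[4:4 + ke_len]
    if len(key_exchange) != ke_len:
        raise ValueError("truncated key_exchange")
    expected = SERVER_SHARE_LEN.get(group)
    if expected is not None and ke_len != expected:
        raise ValueError(f"unexpected key_exchange length {ke_len} for group {group:#06x}")
    return GROUP_NAMES.get(group, f"unknown({group:#06x})"), ke_len

def is_hybrid_pq(group_name):
    """True when the server negotiated the X25519/Kyber768 hybrid rather than a classical group."""
    return group_name == "X25519Kyber768Draft00"

# Constructed samples (dummy key material, not real shares): one hybrid, one classical.
SAMPLE_HYBRID_KEY_SHARE = struct.pack("!HH", 0x6399, 1120) + b"\x00" * 1120
SAMPLE_CLASSICAL_KEY_SHARE = struct.pack("!HH", 0x001D, 32) + b"\x00" * 32

if __name__ == "__main__":
    print(build_supported_groups(["X25519Kyber768Draft00", "x25519", "secp256r1"]).hex())
    for share in (SAMPLE_HYBRID_KEY_SHARE, SAMPLE_CLASSICAL_KEY_SHARE):
        name, n = parse_server_key_share(share)
        print(f"server selected {name} ({n}-byte key_exchange), post-quantum hybrid: {is_hybrid_pq(name)}")
```

A server that supports the hybrid suite answers the first offer with a 1120-byte share; one that does not falls back to a classical group such as x25519, which is the distinction the Fortune 1000 scan counts.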
Adoption of post-quantum algorithms depends significantly on their support within widely used cryptographic libraries and browsers. As of May 2024:
Implementing post-quantum cryptography introduces notable differences in computational requirements and data transport sizes compared to traditional methods:
In December 2023, NIST published a paper titled “Migration to Post-Quantum Cryptography Quantum Readiness: Testing and Draft Standards” that provides additional details on the performance of the post quantum algorithms.
Post-quantum cryptography is rapidly becoming a crucial aspect of securing communications against future threats posed by quantum computing. The initial focus has been on developing and deploying quantum-resistant key exchange mechanisms, such as the hybrid X25519_Kyber768 cipher suite. Although adoption remains limited, with only 176 out of 10,000 servers in a recent scan supporting the hybrid suite, the momentum is building.
Organizations must prepare for this transition by ensuring cryptographic agility within their infrastructure. This involves being able to quickly update cryptographic protocols and algorithms and implementing compliance controls to verify that their environments are correctly configured and operating securely.
Visit https://www.trustfour.com to learn more about TLS compliance testing, cryptographic agility with centralized control, and the use of mTLS as a Workload Segmentation control plane.