Tiekoetter.com now supports Post-quantum hybrid ECDHE-MLKEM Key Agreement for TLSv1.3
-
More specifically the "X25519MLKEM768" group if the client supports it. Fallback are still the normal "X25519" and "SecP384r1" groups if the client doesn't support the MLKEM group.
Why is this important?
Quantum computing could break standard cryptography when it matures. These Module-Lattice (ML) Key Encapsulation Methods (KEM) are designed to withstand future quantum computing attacks.What does "X25519MLKEM768" do?
As the name might suggest it combines both mechanisms of "X25519" and "ML-KEM-768" forcing an attacker to break both mechanisms to break the cryptographic key exchange.Drawbacks?
As this is using both the standard "X25519" mechanism and the "ML-KEM-768" encapsulation mechanism it is more computationally expensive as the "X25519" standalone. This should be negligible on modern systems.You can check if your Browser supports this by opening the browser console and selecting the security tab. Something like this should be shown:
