Release 5.8.0 of our wolfSSL library implements hybrid key exchange algorithms that combine conventional elliptic curve cryptography with post-quantum key encapsulation mechanisms (KEMs).
New Hybrid Groups: Combining elliptic curves (SECP256/384/521, X25519, X448) with ML-KEM. This provides compatibility with Chromium and other organizations that are together with wolfSSL leading the way in post-quantum migration. Some of the new hybrid groups were already done in previous releases. Here is the complete list of hybrid key exchange groups in TLS 1.3:
- WOLFSSL_P256_ML_KEM_512
- WOLFSSL_P384_ML_KEM_768
- WOLFSSL_P256_ML_KEM_768
- WOLFSSL_P521_ML_KEM_1024
- WOLFSSL_P384_ML_KEM_1024
- WOLFSSL_X25519_ML_KEM_512
- WOLFSSL_X25519_ML_KEM_768
- WOLFSSL_X448_ML_KEM_768
The new release includes comprehensive test configurations demonstrating how to use these new hybrid groups in TLS 1.3 connections. Go ahead and start thwarting the “Harvest Now, Decrypt Later” threat model that is currently in play.
If you have questions about any of the above, please contact us at facts@wolfSSL.com or call us at +1 425 245 8247.
Download wolfSSL Now