*Summary:* Experiment with the X25519Kyber768 post-quantum key agreement mechanism for TLS.
I intend to evaluate the performance characteristics and deployability of a next-generation cryptosystem called Kyber. Unlike currently deployed systems, Kyber is believed to be secure against attackers with large quantum computers. While cryptanalytic-scale quantum computers do not yet exist, the immediate deployment of a post-quantum key agreement mechanism will protect our users against "store now, decrypt later" attacks. For the initial experimentation period, all uses of Kyber will be paired with X25519 as a risk-minimizing measure.

*Bug:* https://bugzilla.mozilla.org/show_bug.cgi?id=1874959

*Specification:* https://www.ietf.org/archive/id/draft-tls-westerbaan-xyber768d00-03.html

*Standards Body:* IETF, TLS WG

*Platform coverage:* All, after an initial period of desktop-only evaluation.

*Preference:* security.tls.enable_kyber

*Link to standards-positions discussion:* https://github.com/mozilla/standards-positions/issues/874

*Other browsers:*
*Blink:* in developer trial https://groups.google.com/a/chromium.org/g/blink-dev/c/mniZUff1syc/m/tM5tSne9AwAJ
*WebKit:* not implemented.

*Demo:* https://pq.cloudflareresearch.com/

--
John