Dear all, We have submitted a new draft on hybrid key exchange in TLS.
This draft specifies how to instantiate hybrid key exchange in TLS 1.3 using ECDHE and SCloud+, a PQ KEM proposed in 2024. SCloud+ is based on the unstructured LWE problem with improved performance. The absence of algebraic structure in such KEMs presumes a higher level of security than for algorithms based on structured lattices. So, the hybrid of ECDHE and SCloud+ may serve as a conservative option for high-security applications using TLS 1.3. Your comments and review are welcome! Thanks, Guilin and Anyu -----Original Message----- From: [email protected] <[email protected]> Sent: Monday, 16 February 2026 9:39 pm To: Anyu Wang <[email protected]>; Wang Guilin <[email protected]>; Wang Guilin <[email protected]> Subject: New Version Notification for draft-wang-tls-hybrid-ecdh-scloud-01.txt A new version of Internet-Draft draft-wang-tls-hybrid-ecdh-scloud-01.txt has been successfully submitted by Guilin Wang and posted to the IETF repository. Name: draft-wang-tls-hybrid-ecdh-scloud Revision: 01 Title: Post-quantum Hybrid ECDHE-SCloud+ Key Exchange for TLS 1.3 Date: 2026-02-16 Group: Individual Submission Pages: 12 URL: https://www.ietf.org/archive/id/draft-wang-tls-hybrid-ecdh-scloud-01.txt Status: https://datatracker.ietf.org/doc/draft-wang-tls-hybrid-ecdh-scloud/ HTML: https://www.ietf.org/archive/id/draft-wang-tls-hybrid-ecdh-scloud-01.html HTMLized: https://datatracker.ietf.org/doc/html/draft-wang-tls-hybrid-ecdh-scloud Diff: https://author-tools.ietf.org/iddiff?url2=draft-wang-tls-hybrid-ecdh-scloud-01 Abstract: This draft specifies how to enable hybrid key exchange with ECDHE and SCloud+ in Transport Layer Security protocol version 1.3 (TLS 1.3) to mitigate quantum threats. SCloud+ is an unstructured lattice based KEM (key encapsulation mechanism) with post-quantum security. This draft follows the post-quantum hybrid key exchange framework specified by [TLS.Hybrid], by concatenating the public keys and ciphertexts of ECDHE and SCloud+. Three concrete hybrid key exchange schemes are specified in this draft, which are X25519SCloud+128, SecP256r1SCloud+192 and SecP384r1SCloud+256. [EDNOTE: ... ] The IETF Secretariat _______________________________________________ TLS mailing list -- [email protected] To unsubscribe send an email to [email protected]
