This crate provides a rustls::crypto::CryptoProvider that includes a hybrid[1], post-quantum-secure[2] key exchange algorithm – specifically X25519MLKEM768, as well as a non-hybrid post-quantum-secure key exchange algorithm.
X25519MLKEM768 is pre-standardization, so you should treat this as experimental. You may see unexpected connection failures (such as tldr.fail) – please report these to us. X25519MLKEM768 is becoming widely deployed, e.g., by Chrome and Cloudflare.
The two components of this key exchange are well regarded: X25519 alone is already used by default by rustls, and tends to have higher quality implementations than other elliptic curves. ML-KEM-768 was standardized by NIST in FIPS203.
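To make the two components concrete, the following added example (not code from this crate or from rustls) parses the body of a TLS 1.3 ClientHello key_share extension and splits an X25519MLKEM768 share into its ML-KEM-768 and X25519 parts. The names Share, parse_client_shares and take_u16 are hypothetical; the group codepoints are taken from the IANA TLS Supported Groups registry and the 1184-byte key length from FIPS 203, and the sample bytes are constructed filler.

```rust
// Added example (std only, not crate code). Codepoints: IANA TLS Supported Groups.
const X25519: u16 = 0x001d;
const MLKEM768: u16 = 0x0201;
const X25519MLKEM768: u16 = 0x11ec;
const EK_LEN: usize = 1184; // ML-KEM-768 encapsulation key length (FIPS 203)
const X_LEN: usize = 32; // X25519 public key length

#[derive(Debug, PartialEq)]
pub enum Share<'a> {
    Classical(&'a [u8]),
    PostQuantum(&'a [u8]),
    Hybrid { mlkem: &'a [u8], x25519: &'a [u8] },
    Other(u16),
}

fn take_u16(b: &[u8]) -> Result<(usize, &[u8]), &'static str> {
    if b.len() < 2 { return Err("truncated"); }
    Ok((u16::from_be_bytes([b[0], b[1]]) as usize, &b[2..]))
}

/// Parses a key_share body: u16 list length, then (u16 group, u16 len, key) entries.
pub fn parse_client_shares(body: &[u8]) -> Result<Vec<Share<'_>>, &'static str> {
    let (len, mut rest) = take_u16(body)?;
    if rest.len() != len { return Err("list length mismatch"); }
    let mut out = Vec::new();
    while !rest.is_empty() {
        let (group, r) = take_u16(rest)?;
        let (klen, r) = take_u16(r)?;
        if r.len() < klen { return Err("truncated key share"); }
        let (key, r) = r.split_at(klen);
        rest = r;
        out.push(match (group as u16, klen) {
            (X25519, X_LEN) => Share::Classical(key),
            (MLKEM768, EK_LEN) => Share::PostQuantum(key),
            // Hybrid share: ML-KEM-768 key first, then the X25519 public key.
            (X25519MLKEM768, l) if l == EK_LEN + X_LEN => {
                Share::Hybrid { mlkem: &key[..EK_LEN], x25519: &key[EK_LEN..] }
            }
            (X25519 | MLKEM768 | X25519MLKEM768, _) => return Err("bad share length"),
            (g, _) => Share::Other(g),
        });
    }
    Ok(out)
}

fn main() {
    let mut body = vec![0x04u8, 0xc4, 0x11, 0xec, 0x04, 0xc0]; // constructed sample
    body.resize(6 + EK_LEN + X_LEN, 0xaa); // filler bytes, not real key material
    println!("{:?}", parse_client_shares(&body).map(|s| s.len()));
}
```

A hybrid client share is 1216 bytes against 32 for X25519 alone, so a ClientHello that offers it is correspondingly larger.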
How to use this crate
There are a few options:
To use this as the rustls default provider, include this code early in your program:

    rustls_post_quantum::provider().install_default().unwrap();

To incorporate just the key exchange algorithm(s) in a custom rustls::crypto::CryptoProvider:

    use rustls::crypto::{aws_lc_rs, CryptoProvider};

    // Start from the stock aws-lc-rs provider and override only the key exchange groups.
    let parent = aws_lc_rs::default_provider();
    let my_provider = CryptoProvider {
        // Listed in preference order, highest priority first.
        kx_groups: vec![
            rustls_post_quantum::X25519MLKEM768,
            aws_lc_rs::kx_group::X25519,
            rustls_post_quantum::MLKEM768,
        ],
        ..parent
    };

[1] meaning: a construction that runs a classical and post-quantum key exchange, and uses the output of both together. This is a hedge against the post-quantum half being broken.
[2] a “post-quantum-secure” algorithm is one posited to be invulnerable to attack using a cryptographically-relevant quantum computer. In contrast, classical algorithms would be broken by such a computer. Note that such computers do not currently exist, and may never exist, but current traffic could be captured now and attacked later.
Statics
- This is the MLKEM key exchange.
- This is the X25519MLKEM768 key exchange.
Functions
- A CryptoProvider which includes X25519MLKEM768 and MLKEM768 key exchanges.