How does Post-Quantum Cryptography affect the TLS protocol?

By _Xiphera Blog

May 23, 2023

The emerging threat of quantum computers changes the way we look at and implement communications security of today. How can Post-Quantum Cryptography (PQC) be used for protecting the widely used TLS 1.3 protocol?

Transport Layer Security (TLS) is perhaps the most well-known cryptographic protocol. It is used for providing communication in a large variety of applications security including secure web browsing. Typically, web browsers show a lock icon next to the URL link when it is using the protected HTTPS protocol; this means that the communication is protected with TLS. Although secure web browsing is the most visible application of TLS, it is nowadays used in a large variety of different applications including also machine-to-machine communication protocols.

The history of TLS dates back to the 1990s. It was developed by Netscape Communications and was originally called Secure Sockets Layer (SSL). TLS 1.0 was released as RFC 2246 by the IETF (Internet Engineering Task Force) in 1999. The early version of both SSL and TLS suffered from severe vulnerabilities and they are no longer recommended to be used. Nowadays, basically two version of TLS are in mainstream use: TLS 1.2 defined in RFC 5246 from 2008 and TLS 1.3 defined in RFC 8446 from 2018. The latter includes significant security and performance improvements over the earlier versions and is the recommended version for any new systems.

Click here to read more ...