Post-Quantum TLS

The integration of quantum-resistant key exchange and signature algorithms into TLS to protect against future cryptographically relevant quantum computers that could break current RSA, ECDH, and ECDSA algorithms using Shor's algorithm. NIST finalised the first post-quantum standards in 2024: ML-KEM (CRYSTALS-Kyber) for key encapsulation and ML-DSA (CRYSTALS-Dilithium) for digital signatures. Deployments today typically use hybrid key exchange (ECDH + ML-KEM) to maintain classical security while gaining quantum resistance. Chrome, Firefox, and Cloudflare have deployed post-quantum TLS in production as of 2024.