Closed neilcohen closed 2 months ago
Hi @neilcohen ,
Thank you for reaching out to us again! We love that you're using wolfSSL to do post-quantum work.
We are planning to support X25519 hybridized with Kyber512 in TLS 1.3.
If you would like to accelerate that effort, please send an email to support@wolfssl.com and register your interest in such a feature. The process is short and only takes a few minutes of your time.
I am sorry to say that I have not done enough reading on what Google's Chrome supports when it comes to Kyber. I will need to do some further reading. My first knee jerk reaction is that it might be that they support the most recently published ML-KEM draft from NIST while we support the final version of Kyber from the NIST competition. But that is just an assumption. I will need to do some research.
Please do send us a message to support@wolfssl.com
Warm regards, Anthony
When I pass WOLFSSL_KYBER_LEVEL3 to wolfSSL_UseKeyShare and wolfSSL_set_groups per examples/server/server.c, chrome will abort the connection.
Hi @neilcohen ,
Yes, it appears that this would be the correct behaviour . Chromium browser appears to only support kyber hybridized with X25519 for post-quantum key exchange. Since this is not WOLFSSL_KYBER_LEVEL3 it wold not have anything to interoperate with and so it will abort the connection.
Let me know if this makes sense to you.
Warm regards, Anthony
That makes sense. Thanks for looking into this. I will contact support@wolfssl.com to indicate our interest in the feature.
Ok. I look forward to seeing your feature request! Since the conversation will move to our Technical Support System, I will now close this issue.
Version
5.7.0
Description
Hi.
Does the latest wolfssl support creating a TLS server that supports X25519Kyber512Draft00? We were previously trying to setup a PQC tls server and you fixed a crash for us in https://github.com/wolfSSL/wolfssl/issues/7047
We can support PQC for connections between our own servers but we would like to support for client connections from chrome as well.
When I pass WOLFSSL_KYBER_LEVEL3 to wolfSSL_UseKeyShare and wolfSSL_set_groups per examples/server/server.c, chrome will abort the connection.
Thanks neil@hushmesh.com