···33image: ciphertrails_3.png
44---
5566-It's been a while since we last took a look at the two new promising technologies on the web - post-quantum key exhange with Kyber[^1] and <abbr title="Encrypted Client Hello">ECH</abbr>, so it makes sense to revisit them and see what's up.
66+It's been a while since we last took a look at the two new promising technologies on the web - post-quantum key exchange with Kyber[^1] and <abbr title="Encrypted Client Hello">ECH</abbr>, so it makes sense to revisit them and see what's up.
7788## Kyber
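Review bot: In the rewritten intro line, the sentence that gets the "exchange" spelling fix still reads "the two new promising technologies" and uses a spaced hyphen as a dash. Since the line is being touched anyway, consider "two promising new technologies" and a comma or en dash in place of " - ", so the sentence does not need a second pass.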
99···13131414## ECH
15151616-Unfortunately, although being around since all the way in 2018 (then known as <abbr title="Encrypted server name indication">ESNI</abbr>) and hence being a lot older than Kyber, ECH is still not really used anywhere. Since last October, Cloudflare [has disabled](/cloudflare-disabled-ech/) ECH on all of their customers' websites for "reasons". Although both Chrome and Firefox support the technology and are very happy to utilize it (we even [got support](https://github.com/golang/go/issues/63369) for it in Go), the only place you will bump into it is on testing websites like [defo.ie](https://defo.ie/ech-check.php) or Cloudflare's [encryptedsni.com](https://encryptedsni.com). If this ever changes, you can be sure to read about it here, because I personally believe this to be one of the most interesting and important developments in TLS in the last decade.
1616+Unfortunately, despite being around since all the way in 2018 (then known as <abbr title="Encrypted server name indication">ESNI</abbr>) and hence being a lot older than Kyber, ECH is still not really used anywhere. Since last October, Cloudflare [has disabled](/cloudflare-disabled-ech/) ECH on all of their customers' websites for “reasons”. Although both Chrome and Firefox support the technology and are very happy to utilize it (we even [got support](https://github.com/golang/go/issues/63369) for it in Go), the only place you will bump into it is on testing websites like [defo.ie](https://defo.ie/ech-check.php) or Cloudflare's [encryptedsni.com](https://encryptedsni.com). If this ever changes, you can be sure to read about it here, because I personally believe this to be one of the most interesting and important developments in TLS in the last decade.
17171818## Additional tidbits
19192020- If you operate a website and would like to check its support for Kyber and ECH, you can use the [ech-check](https://github.com/filiptronicek/ech-check) CLI tool I wrote for this purpose.
2121- A very nice report on how things are going in the <abbr title="Post-quantum cryptography">PQC</abbr> world is Bas Westerbaan's piece [The state of the post-quantum Internet](https://blog.cloudflare.com/pq-2024)
22222323-Thanks for sticking around, see ya next time!
2323+Thanks for sticking around; see ya next time!
24242525## Footnotes
26262727-[^1]: Since [last time](/hello-internet), Kyber has been renamed to [ML-KEM](https://csrc.nist.gov/pubs/fips/203/ipd), but for the needs of this post, I will keep calling it Kyber, because both of its derived key exchanges use that name.
2727+[^1]: Since [last time](/hello-internet), Kyber has been renamed to [ML-KEM](https://csrc.nist.gov/pubs/fips/203/ipd), but for the purposes of this post, I will keep calling it Kyber, because both of its derived key exchanges use that name.
2828[^2]: This number gets even more impressive when you take into account that when part one of this series was published, Kyber was only used in 0.2% of connections.
2929[^3]: If you want to try Caddy or nginx with Kyber today, there are guides provided for both: [Caddy](https://gist.github.com/bwesterb/2f7bfa7ae689de0d242b56ea3ecac424) and [nginx](https://blog.centminmod.com/2023/10/03/2860/how-to-enable-cloudflare-post-quantum-x25519kyber768-key-exchange-support-in-centmin-mod-nginx/).
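Review bot: The replaced ECH paragraph swaps the straight quotes around "reasons" for curly ones, while the apostrophes in the same line (customers', Cloudflare's) and the rest of the visible file stay straight. Pick one convention, or keep the quotes straight and leave typography to the Markdown renderer. In the same line, "since all the way in 2018" is still awkward after the although/despite change; "despite having been around since 2018" would read cleaner. In the footnote change, the ML-KEM link still points at the /fips/203/ipd path, so it is worth checking whether a final FIPS 203 page should be linked while this line is being edited. The second bullet under "Additional tidbits" also lacks the trailing period that the first bullet has.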