All news with #post-quantum tls tag

AWS Load Balancers Add Post-Quantum TLS Key Exchange

🔐 AWS Application Load Balancers (ALB) and Network Load Balancers (NLB) now offer an opt-in post-quantum TLS (PQ-TLS) key exchange option. The new PQ-TLS security policies use hybrid key agreement that combines classical algorithms with post-quantum KEMs including the standardized ML-KEM, protecting against 'harvest now, decrypt later' attacks. Available at no extra cost across AWS Commercial, GovCloud (US), and China Regions, the feature requires explicit listener updates and supports monitoring via ALB connection logs and NLB access logs.

Testing Post-Quantum TLS in Python with OpenSSL 3.5

🔐 AWS provides a containerized sample to test post-quantum hybrid TLS (PQ TLS) from Python by bundling OpenSSL 3.5 with a standard interpreter and common libraries. The sample demonstrates hybrid key exchange using ML-KEM alongside classical algorithms and includes examples for boto3/AWS CLI, requests, and low-level ssl sockets. It also shows how to capture traffic and confirm PQ negotiation in TLS handshakes.