Into A Hybrid PQC (Post Quantum Cryptography) World, And Getting Ready For Full PQC
A client and server hello to Kyber512/X25519
And, so, how do we migrate from our existing key exchange methods into a world with does not contain any elliptic curve methods? Well, one way is to use a Hybrid method that integrates both lattice methods (with Kyber) and a compatible key exchange method (such as with X25519). The advantage of this is that we can try out Kyber but still keep compatibility with existing browser implementations.
For this, Cloudflare has created pure Kyber implementations alongside Kyber-X25519:
The Golang code for this is [here]:
X25519 and Kyber/X25519
For X25519, we have a 256-bit curve, we have a secret key (sk) and a public key (pk). The secret key is 32 bytes long (256 bits), and the public key is…