Rephrasing TLS key exchange in terms of KEMs
In the RFC for TLS 1.3 (RFC8446) especially, the key exchange is defined in terms of (EC)DH key shares being exchanged. This limits us to algorithms which support non-interactive …
Using (post-quantum) KEMs in TLS 1.3
The new TLS 1.3 standard \[1\] does not yet provide any support for post-quantum algorithms. In this blog post we’ll be talking about how we could negotiate a post-quantum key …