Using ML-KEM Post-Quantum Key Exchange in Caddy
My previous post discussed the introduction of a Module-Lattice Key Encapsulation Mechanism (ML-KEM) post-quantum key exchange algorithm implementation in OpenSSH, and how to specify it in your SSH configurations. ML-KEM is the new FIPS 203 standard, previously known as Kyber, which was standardized by NIST on 2024-08-13. OpenSSH’s implementation of ML-KEM is a PQ/T hybrid approach that combines the post-quantum ML-KEM with the traditional X25519 key exchange algorithm. This post will cover the ML-KEM implementation in Caddy, the popular web server and reverse proxy. ...