
Post-Quantum Encryption for Today’s Data: Introducing Akeyless Hybrid TLS 1.3

Quantum computing is on the horizon, bringing revolutionary capabilities along with significant cybersecurity challenges. Although practical quantum computers aren’t yet widespread, attackers are already preparing to exploit them. They are employing “harvest now, decrypt later” strategies: capturing encrypted data today to decrypt later, when quantum computers become powerful enough. This poses a serious risk to sensitive information once considered secure.

To proactively address this risk, Akeyless is proud to announce our advanced quantum-resilient encryption. The Akeyless Gateway now supports hybrid TLS 1.3 encryption, combining two robust encryption algorithms:

  • X25519, a widely-adopted elliptic-curve key exchange algorithm known for efficiency and strong security.
  • ML-KEM768, a quantum-resistant algorithm selected by the National Institute of Standards and Technology (NIST).

Why You Need Post-Quantum Protection Now

While quantum computers capable of breaking classical encryption methods such as RSA and ECC remain in the developmental phase, the threat they pose is imminent. Organizations must adopt quantum-resilient encryption now to ensure that sensitive communications remain secure into the future. Delaying action leaves critical data open to quantum-based decryption threats.

Hybrid TLS 1.3 Explained

Hybrid TLS 1.3 encryption securely establishes a shared secret between two parties by simultaneously using classical and quantum-resistant key exchange methods. During the initial handshake, it combines the X25519 elliptic-curve algorithm (classical cryptography) with the ML-KEM768 algorithm (quantum-resistant cryptography). Because the session keys are derived from both shared secrets, an attacker has to break both algorithms to recover them. This dual-layered approach ensures encrypted communication is secure today and remains secure even against future quantum attacks. As a result, even if attackers intercept and store encrypted data now, they will be unable to decrypt it later with quantum computing capabilities.

How Akeyless Provides Quantum Protection

Akeyless offers a cloud-native platform designed to securely manage and protect secrets, passwords, and encryption keys. The introduction of hybrid encryption enhances our platform with:

  • Quantum-Resilient Communication: This encryption protects all client-to-Gateway communication against quantum threats.
  • Automatic Implementation: The Gateway negotiates hybrid key exchange automatically during the standard TLS 1.3 handshake, requiring no client-side changes or configuration.
  • Aligned with Standards: This enhancement is built on standardized cryptographic libraries that comply with NIST’s PQC guidelines, ensuring compatibility with compliance and regulatory requirements.

Stronger Network Security, Built for the Post-Quantum Future

By implementing hybrid TLS 1.3 encryption, Akeyless significantly strengthens network-layer security. All data flowing between clients and the Gateway is safeguarded by advanced encryption, future-proofing your organization’s security posture and maintaining regulatory compliance.

Secure Your Data with Confidence

At Akeyless, staying ahead of emerging threats is central to our mission. Integrating hybrid quantum encryption into our Zero Trust architecture ensures secure communication across all your cloud environments, preparing your organization for the quantum future.

Quantum computing threats are approaching rapidly. Act now to secure your data against quantum risks with Akeyless.

For more information on our quantum-resilient encryption solutions, contact our team today.
