Is it quantum safe?

How are we checking your browser? This site checks to see if you have post quantum TLS Support Groups 25497 and 25498 advertised. If you want more details about your browser check out browserleaks.

This is enabled by default in the latest versions of Chrome and Edge. You can enable in Firefox by going to about:config and turning on security.tls.enable_kyber.

This site is enabled for hybrid post-quantum key exchange with the X25519Kyber768Draft00 using cfgo. Your connection to this site is using the TLS_AES_128_GCM_SHA256 cipher which is data we pull from the TLS connection state CipherSuite method. We are probably using the X25519 elliptic curve but it's complicated to get the info directly server side. You can check client side in chromium based browsers by right clicking "inspect" to get to the developer tools and switching to the "security" tab to see if X25519Kyber768Draft00 is listed, or in firefox with inspect->network->select an item on the list->security->look for kyber768d00.

In go it's challenging to pull curveID being established in a connection as it happens. It's a chicken and egg problem with the tls.Config. Additionally, many of the methods in common.go and key_agreement.go are defined internally within the crypto/tls package and are not exported, so we can't actually reference the information they hold directly without circumventing via logging or rebuilding aspects of the package. Specifically, we need the curveID variable from line 173 in key_agreement.go. So, our work around is that this site runs a duplicate of that method (~3 lines of code) with the same inputs. We're reasonably sure that provides the correct curveID, but there might be cases where it is not, so sorry about that. If you have another approach for checking server side let us know!

What else can I learn?

created by accenture
BY ACCESSING, BROWSING OR USING THIS WEB SITE, YOU ACKNOWLEDGE THAT YOU HAVE READ, UNDERSTAND AND AGREE TO BE BOUND BY THESE TERMS AND CONDITIONS. The 'It is quantums safe?' “Asset” is presented by Accenture for demonstration purposes only and not for commercial or any other purposes. Accenture provides a right to the user to access and use the Asset, subject to compliance to these terms, on a non-exclusive, limited, royalty-free basis. All rights and title to this Asset are reserved for Accenture. Accenture makes no representations or warranties in relation to the Asset. To the extent permitted by law, Accenture disclaims all liability relating to the Asset including direct and indirect, incidental, or consequential damages, including loss of profits, arising out of or relating otherwise to the use of the Asset, however caused except for willful intent and gross negligence.