[TLS] Re: Planned changes to Cloudflare's post-quantum deployment

Bas Westerbaan <bas@cloudflare.com> Mon, 09 September 2024 12:34 UTC

Return-Path: <bas@cloudflare.com>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 9D5BFC15106C for <tls@ietfa.amsl.com>; Mon, 9 Sep 2024 05:34:48 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.106
X-Spam-Level:
X-Spam-Status: No, score=-2.106 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_MED=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_NONE=0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=cloudflare.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 5COkjqlTbA43 for <tls@ietfa.amsl.com>; Mon, 9 Sep 2024 05:34:44 -0700 (PDT)
Received: from mail-yb1-xb2f.google.com (mail-yb1-xb2f.google.com [IPv6:2607:f8b0:4864:20::b2f]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature ECDSA (P-256) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id AE8E1C14CE3B for <tls@ietf.org>; Mon, 9 Sep 2024 05:34:39 -0700 (PDT)
Received: by mail-yb1-xb2f.google.com with SMTP id 3f1490d57ef6-e1a82d1ef62so3763423276.0 for <tls@ietf.org>; Mon, 09 Sep 2024 05:34:39 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=cloudflare.com; s=google09082023; t=1725885278; x=1726490078; darn=ietf.org; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:from:to:cc:subject:date:message-id:reply-to; bh=5w49zuxB6AvlQbplQCRmgoNblQqnPMau9KaG4F3Ebeo=; b=S9fbC2Wv8U6p0fhNRvGzqngcaZxHdq/ljzq7W/G/DQLjFM/bFTZ6mgp8OXMdb0jHZ1 sS447GW1IjlWVpZiF5apvGtalmCos6wBag3EnyjVsIIO7PdgOmwIYz9o8uO5dr7XC79j mR6xTxxhScpI/tptIQYA4FQSeg2jnfbulOdCqSlPzO8SOPeXnZKX0RWw0NeKK0ivgkeM IlJqPRHXv9foL5FPPW7l/BniO/2CnbfZzMwcWt4oVSz/gigcVvjKEKhXNSM0NEM9N8t5 48t39nBRBymE7Eb0B59pG8Ei02QoPUd+rX8gQBSRrgo64kB65WX8VbNr8xA9bqj8onFl iUhw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1725885278; x=1726490078; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=5w49zuxB6AvlQbplQCRmgoNblQqnPMau9KaG4F3Ebeo=; b=OkRFwsZVOxDz5/Okpi9zGKaXpU62IUhlN3COd1jTFZs9a1LZGm8U+Lh3IoPbT5rreU z9iRBBfzbCzYICASKwekhbL2e5aAq9eJaojo6g+JEOgTFECdovmnxQZnw4eAaX63Ml0Q f1V3cHf+ZhFZ82DJNoJu9Nf/28Bx6uOfk0MaQx80qpkzhsbPhZTMxLMdXHG7lRsuo19g TYg3+d2zH8Pi7E9B/Xl4aDc3kv7OY7jte32x7Y0Rn1xMWDqdS4omiwzh5AvcPVf5ijh/ DxUta8EHG1v98USZEpy/jHMui1bNUKcRNhVpur9haGHcUi3FPA9Csp5q6/hQBzBf/hJK LAbw==
X-Gm-Message-State: AOJu0Yxx0jgxmsKSRWhtJH09UXiymYMWjTi29/LiF6f/cNQL1nI8UZb2 7BaOtw/MXp0L7F0AZfoKYXGIDQUrri1wKRgugpzb3kkV7CVv3LT2DzlgYvgFGScBLa1Tvno6LqX s/+cYl6D4hqDQP/A6NScVId5sGVt3SayTFyNIywExC3/F7n+Udcrtrag5
X-Google-Smtp-Source: AGHT+IH7KOBLWaxvGBRzLcrI8UT6E6RNnhO7rpSq42gnfOu8/aZkoAop7TfY/wnNcxmblHcVTfTzD7+pMYNUA4BnrR0=
X-Received: by 2002:a05:6902:110c:b0:e1a:8e05:4a58 with SMTP id 3f1490d57ef6-e1d3489ec8bmr11081857276.33.1725885278503; Mon, 09 Sep 2024 05:34:38 -0700 (PDT)
MIME-Version: 1.0
References: <CAMjbhoW9wH4=kG82tgzaDfw6QHoiMy3HSh_RkVBT9o-6a9Q1rg@mail.gmail.com> <e8f493a8-37f7-4f46-9915-f87c52652655@amongbytes.com>
In-Reply-To: <e8f493a8-37f7-4f46-9915-f87c52652655@amongbytes.com>
From: Bas Westerbaan <bas@cloudflare.com>
Date: Mon, 09 Sep 2024 14:34:27 +0200
Message-ID: <CAMjbhoX10WxMYYXq9+gT+mnp-oRU0dMJqG2S+sYeAwf1CfiSDA@mail.gmail.com>
To: Kris Kwiatkowski <kris@amongbytes.com>
Content-Type: multipart/alternative; boundary="000000000000f2f3b00621aefa48"
Message-ID-Hash: WM5NE5QEXQPWVF55GHRN4HVAJQPQ2XR4
X-Message-ID-Hash: WM5NE5QEXQPWVF55GHRN4HVAJQPQ2XR4
X-MailFrom: bas@cloudflare.com
X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; header-match-tls.ietf.org-0; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header
CC: tls@ietf.org
X-Mailman-Version: 3.3.9rc4
Precedence: list
Subject: [TLS] Re: Planned changes to Cloudflare's post-quantum deployment
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/F-A7IjXrEl-1LwDvWA57x9VgpBs>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tls>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Owner: <mailto:tls-owner@ietf.org>
List-Post: <mailto:tls@ietf.org>
List-Subscribe: <mailto:tls-join@ietf.org>
List-Unsubscribe: <mailto:tls-leave@ietf.org>

Both.

On Mon, Sep 9, 2024 at 2:32 PM Kris Kwiatkowski <kris@amongbytes.com> wrote:

> Sweet!
> Does this migration includes also cloudflare->origin (egress) connections
> or just eyeballs->cloudflare?
>
> Cheers,
> Kris
> On 06/09/2024 12:02, Bas Westerbaan wrote:
>
> Hi all,
>
> We are planning to replace X25519Kyber768Draft00 (0x6399)
> with X25519MLKEM768 (0x11ec) [1], a hybrid of ML-KEM-768 and X25519.
>
> We will support X25519Kyber768Draft00 and X25519MLKEM768 at the same time
> for a while to allow clients the opportunity to migrate without losing
> post-quantum security.
>
> Apart from these two, we also supported X25519Kyber768Draft00 under
> codepoint 0xfe31 and X25519Kyber512Draft00 (0xfe30). We logged zero uses of
> these two in the last week with a 1/100 sample rate. We will disable
> 0xfe31, 0xfe30 over the common weeks.
>
> Best,
>
>  Bas
>
>
> PS. Not sure I shared it here already, but we have public graph tracking
> client PQ key agreement deployment:
> https://radar.cloudflare.com/adoption-and-usage#post-quantum-encryption-adoption
> At the time of writing about 17% of all human traffic (by request count)
> with us is using X25519Kyber768Draft00.
>
> [1] https://datatracker.ietf.org/doc/draft-kwiatkowski-tls-ecdhe-mlkem/
>
> _______________________________________________
> TLS mailing list -- tls@ietf.org
> To unsubscribe send an email to tls-leave@ietf.org
>
> _______________________________________________
> TLS mailing list -- tls@ietf.org
> To unsubscribe send an email to tls-leave@ietf.org
>