Can BouncyCastlePQCProvider be directly used for TLS 1.3 with BCJSSE? #1848

rsmagdum · 2024-09-23T11:59:40Z

rsmagdum
Sep 23, 2024

https://www.keyfactor.com/blog/post-quantum-algorithm-update-in-bouncy-castle/
https://www.youtube.com/watch?v=EABttUCoTdY
After reading/watching above doc/workshop, my understanding is we can use PQC algorithms from BC PQC provider for key generation, signging operations, but it's still not integrated to use with TLS 1.3 (BCJSSE) hybrid key exchange - where a shared secret shall be derived by concatenating traditional + pqc kem secret.
Is my understanding correct?

Answered by peterdettman

Yes, it requires separate work on the TLS implementation (which is in progress) to enable the hybrid key exchanges.

peterdettman · 2024-10-01T04:05:53Z

Yes, it requires separate work on the TLS implementation (which is in progress) to enable the hybrid key exchanges.

1 reply

Thanks for confirmation @peterdettman