Hi All
Meta publishes a detailed article showing how they approach the transition to PQC in a move that shows commitment to continuously raise its security bar to deploy the most advanced security and cryptographic protection techniques, and to lead by example.
First actions taken include:
- Creating a work-group to migrate to PQC, spanning from internal infrastructure to user-facing apps. Recognizing that this is a highly complex multi-year effort.
- Executing a priority analysis.
Their first target has been securing the confidentiality in internal TLS traffic. They took this decision because:
they control both endpoints and manage their own TLS library, so they have no external dependencies,
they regard internal TLS as a highly sensible use case, so it is a top priority.
Their choice for key exchange is Kyber + ECC X25519 in hybrid mode. They use Kyber768 as default and Kyber512 in some use cases where they need low latency. They explain different issues found in the process, like bugs in the liboqs library, increased latency with Kyber768 due to the size of the public key exceeding the maximum network packet size or when resuming TCP Fast Open (TFO).
They also confirm that Kyber768 seems to require less CPU cycles than X25519, as indicated previously by Bas Westerbaan from Cloudflare (https://lnkd.in/dB9pFCph).
https://engineering.fb.com/2024/05/22/security/post-quantum-readiness-tls-pqr-meta/
Regards
Caute_Cautim