Sub-2ms post‑quantum TLS
A production deployment of hybrid X25519+ML-KEM post-quantum TLS handshakes is reporting sub-2ms p50 latency (1.04ms), showing PQ-safe crypto can meet tight handshake budgets for low-latency systems reported. That’s a practical datapoint for teams balancing quantum-resistant security with microsecond-sensitive trading flows reported.
[QuSecure demonstrated]tmcnet.com a proxy-based production path at MWC that rolled hybrid ML‑KEM TLS into a Tier‑1 telco across edge, S2S, and core links without rewriting applications. [PQCrypta published]pqcrypta.com a Rust‑based pqcrypta‑proxy build using rustls with X25519MLKEM768 as the primary group and HTTP/3 over QUIC as transport, and reported a 26‑minute deployment window for the change. [AWS measured]aws.amazon.com hybrid X25519+ML‑KEM handshakes in us‑west‑2 and documented larger handshake ciphertexts and modest extra crypto work, while OpenSSL lab [guides recommended]cryptomathic.com using an NGINX/OpenSSL 3.5 reverse‑proxy as a migration pattern. Rustls performance [notes profiled]rustls.dev microbenchmark optimizations for PQ handshakes, and an empirical arXiv comparison of classical, hybrid, and pure PQ [key‑exchange found]arxiv.org that the TLS handshake layer behaves largely algorithm‑neutral under realistic load. IETF [drafts standardized]ietf.org named groups like X25519MLKEM768 for hybrid TLS, and the X‑Wing research [paper proposes]cryptojedi.org an optimized X25519+ML‑KEM‑768 combiner while vendor docs from [IBM document]ibm.com the ML‑KEM strength/performance ordering (ML‑KEM‑512 < 768 < 1024).
