Platform

Platform

Post-quantum security

Confirm you're on hybrid post-quantum TLS and that the audit Ledger is post-quantum signed.

Overview

DataStrict is quantum-resistant at two boundaries. Traffic into the gateway rides hybrid post-quantum TLS- a classical X25519 key exchange combined with NIST's ML-KEM-768 - and every entry the audit Ledger records is signed with ML-DSA, on top of its existing hash-chain. This page shows how to confirm both from the outside, so post-quantum protection is something you verify, not something you take on faith.

Tip · Why hybrid

A hybrid key exchange derives the session key from a classical and a post-quantum algorithm at once. The connection stays secret unless an attacker breaks both - so you keep the proven strength of X25519 today and gain resistance to a future quantum attack, with no trade-off.

Verify post-quantum TLS

Ask the gateway to negotiate the hybrid group and inspect what the handshake actually settled on. With OpenSSL 3.5 or later:

$ openssl s_client -connect gateway.datastrict:443 \
      -groups X25519MLKEM768 -tls1_3 </dev/null 2>/dev/null \
  | grep -i "Negotiated\|group"

  Negotiated TLS 1.3, Cipher is TLS_AES_256_GCM_SHA384
  Server Temp Key: X25519MLKEM768

A Server Temp Key of X25519MLKEM768 confirms the session key was established with the hybrid post-quantum exchange. If you see a bare X25519, the client did not offer the post-quantum group - see rollout below.

Verify the signed Ledger

Each record in the audit Ledger carries an ML-DSA signature. The CLI re-verifies a range of entries against their signatures and checks the hash-chain in one pass:

$ datastrict ledger verify --last 100

  algorithm:   ML-DSA-65 (FIPS 204)
  entries:     100/100 signatures valid
  chain:       intact (no gaps, no reordering)

The signature proves a record cannot be forged even by an adversary with a quantum computer; the chain proves none was removed or reordered. Together they make the Ledger evidence that holds for the full retention period, not just until today's signatures are broken.

Rollout & compatibility

Hybrid post-quantum TLS is backwards compatible. A client that supports the post-quantum group (modern browsers and up-to-date TLS libraries do) negotiates it automatically; an older client falls back to a classical exchange rather than failing. You can require the post-quantum group for a given route so a downgrade is refused - the right posture for the most sensitive traffic, and the default for air-gapped and private-cloud deployments where DataStrict terminates TLS itself.

Tip · Next steps

Read the Post-Quantum Cryptography overview for the architecture, or the Audit & evidence guide for how the signed Ledger fits the broader evidence model.

Was this page helpful?