Post-Quantum Cryptography

This page explains how Termius supports post-quantum cryptography (PQC), including key exchange and authentication methods, as well as compatibility with existing SSH servers.

Termius supports Post-Quantum Cryptography (PQC) to protect data against potential future quantum computing threats, in accordance with NIST FIPS 203 (ML-KEM) and FIPS 204 (ML-DSA) standards.

Key Exchange (KEX) Support

Termius supports both standalone ML-KEM and hybrid modes that combine classical Elliptic Curve cryptography with quantum-resistant algorithms.

  • Hybrid Mode: mlkem768x25519-sha256 (combines ML-KEM with X25519)

  • Standalone ML-KEM: mlkem512-sha256, mlkem768-sha256, mlkem1024-sha384

Authentication (ML-DSA)

Termius supports ML-DSA (Module-Lattice-Based Digital Signature Algorithm) for host and user authentication.

  • Host Keys: ssh-mldsa-44, ssh-mldsa-65, ssh-mldsa-87

  • User Keys: Support for ML-DSA SSH keys at levels 44, 65, and 87.

Compatibility and Fallback

  • Server Support: Use of these algorithms requires the connected SSH server to also support FIPS 203 and FIPS 204.

  • Automatic Fallback: If the server does not support ML-KEM or ML-DSA, the application reverts to mutually supported classical algorithms (such as Ed25519 or RSA).
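
Because fallback is automatic, it is worth checking what a given server would actually negotiate. The following is an added example, not Termius code: it parses the first two name-lists of a server's SSH_MSG_KEXINIT payload and applies the client-preference rule from RFC 4253. The client preference order, the classical names (curve25519-sha256, ssh-ed25519, rsa-sha2-256) and the sample payloads are constructed assumptions, not Termius's actual defaults.

```python
import struct

# Post-quantum names as listed on this page; any other name counts as classical.
PQ_KEX = {"mlkem768x25519-sha256", "mlkem512-sha256", "mlkem768-sha256", "mlkem1024-sha384"}
PQ_HOSTKEY = {"ssh-mldsa-44", "ssh-mldsa-65", "ssh-mldsa-87"}
SSH_MSG_KEXINIT = 20

def parse_kexinit(payload: bytes) -> dict:
    """Read kex_algorithms and server_host_key_algorithms from a KEXINIT payload."""
    if len(payload) < 17 or payload[0] != SSH_MSG_KEXINIT:
        raise ValueError("not a KEXINIT payload")
    pos, lists = 17, []  # skip the message type (1 byte) and the cookie (16 bytes)
    for _ in range(2):   # each name-list is a uint32 length plus comma-separated ASCII
        if pos + 4 > len(payload):
            raise ValueError("truncated name-list length")
        (n,) = struct.unpack_from(">I", payload, pos)
        raw = payload[pos + 4:pos + 4 + n]
        if len(raw) != n:
            raise ValueError("truncated name-list")
        lists.append(raw.decode("ascii").split(",") if raw else [])
        pos += 4 + n
    return {"kex": lists[0], "hostkey": lists[1]}

def negotiate(client: list, server: list):
    # Simplified RFC 4253 rule: the first client-preferred name the server also offers.
    return next((name for name in client if name in server), None)

def audit(client: dict, server_payload: bytes) -> dict:
    """Report what would be negotiated and whether each choice is post-quantum."""
    server = parse_kexinit(server_payload)
    kex = negotiate(client["kex"], server["kex"])
    hostkey = negotiate(client["hostkey"], server["hostkey"])
    return {"kex": kex, "kex_pq": kex in PQ_KEX,
            "hostkey": hostkey, "hostkey_pq": hostkey in PQ_HOSTKEY}

def build_kexinit(kex: list, hostkey: list) -> bytes:
    """Build a constructed payload holding only the fields parse_kexinit reads."""
    fields = [",".join(names).encode("ascii") for names in (kex, hostkey)]
    body = b"".join(struct.pack(">I", len(f)) + f for f in fields)
    return bytes([SSH_MSG_KEXINIT]) + bytes(16) + body

# Constructed samples: assumed client order (not Termius's real defaults), two server offers.
CLIENT = {"kex": ["mlkem768x25519-sha256", "mlkem768-sha256", "curve25519-sha256"],
          "hostkey": ["ssh-mldsa-65", "ssh-ed25519", "rsa-sha2-256"]}
LEGACY = build_kexinit(["curve25519-sha256"], ["ssh-ed25519"])
HYBRID = build_kexinit(["curve25519-sha256", "mlkem768x25519-sha256"], ["ssh-ed25519"])

if __name__ == "__main__":
    print({name: audit(CLIENT, p) for name, p in (("legacy", LEGACY), ("hybrid", HYBRID))})
```

In the second sample the hybrid KEX is selected even though the server lists it second, while the host key still falls back to ssh-ed25519: key exchange and authentication fall back independently.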


Frequently Asked Questions (FAQ)

What is Post-Quantum Cryptography?

PQC refers to cryptographic algorithms designed to remain secure against attacks by quantum computers. A large-scale quantum computer could theoretically break current classical algorithms (RSA, ECC).

Why use a hybrid algorithm?

A hybrid algorithm like mlkem768x25519-sha256 uses both a classical method and a post-quantum method. This ensures the connection remains secure even if one of the two algorithms is found to have a vulnerability.

Does PQC affect the connection process?

ML-KEM and ML-DSA keys and signatures are larger than those of classical ECC. This increases the amount of data sent during the initial handshake, which may result in a small increase in connection setup time depending on network conditions.

How do I enable these algorithms?

Termius includes these algorithms in its default SSH algorithm list. If the server supports them, Termius uses them automatically. You only need manual configuration if you want to allow only PQC algorithms on the server side.
