# Post-Quantum Cryptography

Termius supports Post-Quantum Cryptography (PQC) to protect data against potential future quantum computing threats, in accordance with NIST FIPS 203 (ML-KEM) and FIPS 204 (ML-DSA) standards.

### Key Exchange (KEX) Support

Termius supports both standalone ML-KEM and hybrid modes that combine classical Elliptic Curve cryptography with quantum-resistant algorithms.

* Hybrid Mode: `mlkem768x25519-sha256` (Combines PQ + X25519)
* Standalone ML-KEM: `mlkem512-sha256`, `mlkem768-sha256`, `mlkem1024-sha384`

### Authentication (ML-DSA)

Termius supports ML-DSA (Module-Lattice-Based Digital Signature Algorithm) for host and user authentication.

* Host Keys: `ssh-mldsa-44`, `ssh-mldsa-65`, `ssh-mldsa-87`
* User Keys: Support for ML-DSA SSH keys at levels 44, 65, and 87.

### Compatibility and Fallback

* **Server Support:** Use of these algorithms requires the connected SSH server to also support FIPS 203 and FIPS 204.
* **Automatic Fallback:** If the server does not support ML-KEM or ML-DSA, the application reverts to mutually supported classical algorithms (such as Ed25519 or RSA).

***

### Frequently Asked Questions (FAQ)

<details>

<summary>What is Post-Quantum Cryptography?</summary>

PQC refers to cryptographic algorithms designed to be secure against the processing power of quantum computers. A large-scale quantum computer could theoretically break current classical algorithms (RSA, ECC).

</details>

<details>

<summary>Why use a hybrid algorithm?</summary>

A hybrid algorithm like `mlkem768x25519-sha256` uses both a classical method and a post-quantum method. This ensures the connection remains secure even if one of the two algorithms is found to have a vulnerability.

</details>

<details>

<summary>Does PQC affect connection process?</summary>

ML-KEM and ML-DSA keys and signatures are larger than those of classical ECC. This increases the amount of data sent during the initial handshake, which may result in a small increase in connection setup time depending on network conditions.

{% hint style="warning" %}
On some older systems, the larger handshake can cause the connection handshake to fail and disconnect the session early.

In such a case, you can disable the use of the PQC algorithms in Termius settings.&#x20;
{% endhint %}

</details>

<details>

<summary>How do I enable these algorithms?</summary>

Termius includes these algorithms in its default SSH algorithm list. If the server supports them, Termius uses them automatically. You only need manual configuration if you want to allow only PQC algorithms on the server side.

</details>


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://docs.termius.com/security/post-quantum-cryptography.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.