Hacker News

HTTPS malosi ma lelei quantum-safe

Fa'amatalaga

15 min read Via security.googleblog.com

Mewayz Team

Editorial Team

Hacker News

O lo'o tatagi le Uati ile Fa'ailoga i Aso Nei — Ma o le tele o Pisinisi e leai se manatu

So'o se taimi lava e tu'uina atu ai e le tagata fa'atau se totogi, saini i totonu o le dashboard, pe lafo atu se fe'au i lau fa'asalalauga, e puipuia le leoa e le HTTPS na fa'amatalaga e fa'aaoga ai fa'ata'ita'iga algorithms ua mautu mo le tele o tausaga. Ae o lo'o fa'agasolo le suiga o le mafui'e. Komipiuta Quantum - masini e faʻaogaina le fisiki uiga ese o le faʻaogaina ma le faʻalavelave - o loʻo vave ona oʻo atu i le gafatia e faʻaumatia ai faavae o le matematika o le RSA, ECDSA, ma le Diffie-Hellman key exchange. O le taufaamata'u ua le o toe manatu. I le 2024, na faʻamaeʻaina ai e le NIST ana tulaga muamua e tolu post-quantum cryptography (PQC). Google, Cloudflare, ma Apple ua uma ona faʻaaogaina algorithms quantum-resistant i le gaosiga. Mo soʻo se pisinisi e tuʻuina atu faʻamatalaga maʻaleʻale i luga o le initaneti - lea e aoga i pisinisi uma - malamalama i le quantum-safe HTTPS e le o toe filifili. Ose fa'atonuga fa'atino.

Aisea o le a malepe ai le HTTPS o loʻo iai nei i lalo ole osofaʻiga tele

O le HTTPS i aso nei o lo'o fa'alagolago i le TLS (Transport Layer Security), lea e fa'aogaina ai ata fa'ata'oto i le taimi o le lululima e fa'avae ai se mealilo fefa'asoaa'i i le va o tagata o tausia ma le server. O le saogalemu o lenei lululima e faalagolago i faafitauli o le matematika e le mafai e komepiuta masani ona foia lelei: fa'avasegaina numera tele (RSA) poʻo le faʻatulagaina o logarithms tuʻufaʻatasi i luga o pupuni elliptic (ECDH). O se komepiuta quantum e lava le malosi o lo'o fa'aogaina ai le Shor's algorithm e mafai ona fo'ia uma i le polynomial taimi, fa'aitiitia ai le mea e alu ai se supercomputer masani e faitau miliona tausaga i na'o itula po'o minute.

O le itu e sili ona mata'utia o le "seleni nei, fa'ata'ita'i mulimuli ane" ta'iala ua uma ona fa'aogaina e le au faifa'ailoga a le atunu'u. O lo'o fa'amauina e fili fa'amaufa'ailoga fe'avea'i i aso nei ma le fa'amoemoe e fa'ate'aina pe a matua tele komepiuta quantum. Fa'amaumauga tau tupe, fa'amaumauga tau soifua maloloina, meatotino tau le mafaufau, feso'ota'iga a le malo - so'o se mea e pu'eina i femalagaiga ua avea nei ma fa'aletonu i tua. Ua lapataia e le National Security Agency e faapea o lenei taufaamata'u e oo atu i so o se faamatalaga e tatau ona le faalauaiteleina mo le silia ma le 10 tausaga, lea e aofia ai le tele o faamatalaga tau pisinisi.

E fesuisuia'i fua fa'atatau ile taimi e taunu'u mai ai se komipiuta quantum (CRQC). Ole fa'afanua ole auala a le IBM e fa'atatau ile 100,000+ qubits ile 2033. Na fa'aalia e Google ni fa'atonuga fa'asa'o mea sese tele ma lana Willow chip i le fa'ai'uga o le 2024. E ui o le CRQC e mafai ona talepeina le 2048-bit RSA atonu e 10-15 tausaga le mamao, o le femalaga'iga e fa'amae'aina fa'asologa o tala fa'asolopito e tatau ona amata i le taimi nei e sili atu le fa'aogaina o le fa'asologa o le fa'asologa o le fa'asologa o le fa'asologa o le fa'asologa o le fa'asologa o le fa'asologa ona o se fa'asologa o le fa'asologa o le fa'asologa o tala fa'asolopito. aseta tetele.

O Tulaga Fou: ML-KEM, ML-DSA, ma le SLH-DSA

Ina ua mae'a se su'esu'ega e valu tausaga e aofia ai fa'amatalaga mai tagata su'esu'e i le lalolagi atoa, na fa'asalalau e le NIST ni fa'ata'ita'iga fa'ata'otoga fa'ata'ita'i e tolu i le masina o Aukuso 2024. O nei algorithms ua mamanuina e tete'e atu ai i osofa'iga mai komipiuta fa'akomepiuta ma masani, fa'amautinoaina le saogalemu umi e tusa lava po'o le a le vave o le aga'i i luma o meafaigaluega quantum.

ML-KEM (Module-Lattice-Based Key Encapsulation Mechanism, sa avea muamua ma CRYSTALS-Kyber) e fa'atautaia le vaega fa'afesuia'i autu o le lululima TLS. E suitulaga i le ECDH e ala i le fa'aogaina o le ma'a'a numera o fa'afitauli lattice fa'atulagaina, lea e tumau pea le fa'alavelave e o'o lava i komepiuta quantum. O le ML-KEM e mata'ina le lelei - o ona lapopo'a e sili atu nai lo le ECDH (e tusa ma le 1,568 paita mo ML-KEM-768 fa'asaga i le 32 paita mo le X25519), ae la'ititi la'ititi le fa'asologa o mea, e masani ona vave nai lo fa'agaioiga fa'asolosolo elliptic masani.

ML-DSA(Module-Lattice-Based Digital Signature Algorithm, formerly CRYSTALS-Dilithium) andSLH-DSA(Stateless Hash-Based Digital Signature Algorithm, formerly SPHINCS+) address authentication — proving that the server you're connecting to is genuinely. ML-DSA o lo'o ofoina mai saini fa'apitoa e talafeagai mo le tele o talosaga, a'o le SLH-DSA e tu'uina atu se fa'afouga fa'asao fa'avae na'o luga o galuega fa'aoga, e ofoina atu le puipuiga loloto pe a fai e fa'avaivaia manatu fa'avae lattice.

Aiga Fa'atosina: O le Auala Fa'ata'ita'i i le Saogalemu Quantum

E leai se inisinia tau puipuiga o lo'o fautua mai se suiga i le po. Nai lo lena, o le alamanuia ua faʻafeiloaʻi i luga o seauala faʻapipiʻie tuʻufaʻatasia se algorithm masani ma se post-quantum algorithm i TLS taʻaloga uma. Afai o le post-quantum algorithm e foliga mai o loʻo i ai se faʻafitauli e leʻi iloa, o loʻo puipuia pea e le algorithm masani le fesoʻotaʻiga. Afai e talepe e se komepiuta quantum le algorithm masani, o le post-quantum algorithm e umia le laina. E na'o le leiloa o le puipuiga pe a fa'afefeteina mea uma e lua i le taimi e tasi - o se fa'aaliga e le taumateina.

Chrome ma Firefox ua uma ona lagolagoina le X25519Kyber768 hybrid key exchange e ala i le faaletonu i le amataga o le 2025, o lona uiga o le faitau miliona o HTTPS fesoʻotaʻiga i aso taʻitasi ua leva ona saogalemu i le itu autu o fefaʻatauaiga. Ua lipotia mai e Cloudflare e sili atu i le 35% o ana TLS 1.3 fefaʻatauaʻiga e faʻaogaina ai le maliliega autu o le post-quantum. AWS, Microsoft Azure, ma Google Cloud ua faʻafeiloaʻi uma filifiliga TLS-safe mo a latou auaunaga faʻatautaia. O le suiga o lo'o tupu vave nai lo le tele o pisinisi e iloa.

O le tau o le malaga atu i quantum-safe HTTPS e fuaina i itula fa'ainisinia ma ta'amilosaga su'ega. O le tau o le le faimalaga e fuaina i le fetuunaiga tumau o mealilo uma na faʻasalalau e lau pisinisi. O le fa'apipi'i fa'ato'aga e fa'ate'aina ai le mana'oga e filifili i le va o le saogalemu ma le fa'aeteete - e te maua uma.

O Mea Moni o Fa'atinoga: Latency, Bandwidth, ma le Fa'atalofa i luga ole ulu

O se tasi o atugaluga muamua e uiga i le post-quantum cryptography o le faʻaleagaina o faʻatinoga. Ole lapopoa o ki ma saini o lona uiga o le tele o paita ile uaea ma e ono faagesegese ai le faatalofa. O le fa'atinoina o le lalolagi ua fa'aalia ai o nei atugaluga e tele lava ina mafai ona fa'afoeina, ae e le'o leai.

Mo fefa'ataua'iga autu, ML-KEM-768 fa'aopoopo pe tusa ma le 1.1 KB i le TLS lulu lima fa'atusatusa i le X25519 na'o. I le faiga fa'afefiloi (X25519 + ML-KEM-768), o le aofa'iga fa'aopoopo fa'aopoopo e tusa ma le 1.2 KB. I luga o feso'ota'iga fa'aonaponei, e fa'aliliuina i le fa'atupula'ia fa'aletonu - e masani lava i lalo ole 1 millisecond i feso'ota'iga lautele. O faʻamaumauga o gaosiga a Cloudflare na faʻaalia ai le leai o se aafiaga fuaina i taimi o uta itulau mo le toʻatele o tagata faʻaoga. Peita'i, i luga o feso'ota'iga fa'atapula'aina (so'oga satelite, masini IoT, itulagi e fa'atapula'a le bandwidth), e mafai ona fa'aopoopoina le pito i luga, ae maise lava pe a iai fo'i i filifili o tusi pasi ni saini pe a mae'a.

💡 DID YOU KNOW?

Mewayz replaces 8+ business tools in one platform

CRM · Invoicing · HR · Projects · Booking · eCommerce · POS · Analytics. Free forever plan available.

Start Free →

O saini fa'amaoni e iai se lu'i tele. ML-DSA-65 saini e tusa ma le 3.3 KB fa'atusatusa i le 64 paita mo ECDSA-P256. Afai e ave e tusi faamaonia uma i totonu o se filifili se saini post-quantum, e mafai e se filifili masani e tolu-tusitusi ona faaopoopo le 10 KB pe sili atu i le lululima. O le mea lea o loʻo suʻesuʻeina ai e le alamanuia auala e pei o le faʻapipiʻiina o tusi faamaonia, Merkle Tree Certificates, ma le TLS-level optimizations e faʻatumauina ai le tele o limalima. Pisinisi o lo'o fa'atautaia fa'asalalauga fa'atasi ai ma fa'avae tagata fa'aoga i le lalolagi atoa - ae maise lava i latou o lo'o tautuaina tagata fa'aoga feavea'i i maketi o lo'o fa'atu mai - e tatau ona fa'avasega lelei nei a'afiaga.

O a Pisinisi e Tatau Ona Faia Nei: Se Lisi Fa'ata'ita'i Femalaga'iga

Quantum-safe migration e le o se mea e tasi ae o se fa'agasologa fa'asolosolo. O fa'alapotopotoga o lo'o amata su'esu'eina a latou fa'alagolago i le cryptographic i aso nei o le a sili atu ona lelei tulaga nai lo i latou o lo'o fa'atali mo tulafono fa'atonutonu. Ole auivi fa'atino mo le amataina o le suiga:

  1. Fa'atino se su'esu'ega fa'ata'otoga. Fa'ailoa so'o se faiga, fa'asologa, ma faletusi e fa'aogaina le RSA, ECDSA, ECDH, po'o le Diffie-Hellman. E aofia ai fa'atonuga TLS, faitoto'a API, VPN, saini fa'ailoga, fa'ailoga fa'amaumauga, ma tu'ufa'atasiga isi vaega.
  2. Fa'amuamua e ala i fa'amatalaga ma'ale'ale ma le umi o le ola. O faiga e fa'afoeina fa'amaumauga tau tupe, fa'amaumauga o le soifua maloloina, pepa fa'aletulafono, po'o fa'amatalaga patino e tatau ona fa'alilolilo mo le tele o tausaga e tatau ona alu muamua. "Seleseleina nei, fa'amama mulimuli" e fa'amuamua ai mealilo ua leva.
  3. Ia fa'aagaoioi le hybrid post-quantum TLS i fa'ai'uga fa'asaga i tagata lautele. Afai o au atina'e o lo'o i tua o Cloudflare, AWS CloudFront, po'o CDN tutusa, atonu ua uma ona e maua le fa'afesuia'iga ki quantum-safe. Fa'aaga manino ma fa'amaonia i meafaigaluega e pei o Qualys SSL Labs po'o le Su'ega Su'ega a le Poloketi Open Quantum Safe.
  4. Fa'afou faletusi cryptographic. Ia mautinoa o lo'o fa'aogaina e lau tech stack faletusi e lagolagoina le ML-KEM ma le ML-DSA — OpenSSL 3.5+, BoringSSL, liboqs, po'o le AWS-LC. Fa'amau i fa'aliliuga e aofia ai fa'atinoga fa'ai'u a le NIST, ae le o fa'ata'ita'iga.
  5. Su'ega mo le fetaui ma le fa'atinoina o galuega. E mafai ona fegalegaleai le lelei o lululima tetele ma atigipusa, puipui afi, ma fa'aputuga o uta tuai e fa'agata ai le tele o fe'au TLS ClientHello. Na maua e Google lenei mea i le amataga o le fa'alauiloaina o Kyber ma sa tatau ona fa'atino ni fofo.
  6. Fa'atūina se fuafuaga fa'ata'ita'i. O lona uiga o le fa'ate'aina o fa'agaioiga crypto i tua atu o feso'ota'iga e mafai ona fa'aogaina ma 'alo'ese mai filifiliga fa'aoga algorithm.

Mo fa'avae e pei o leMewayze fa'atautaia fa'amatalaga ma'ale'ale pisinisi i luga o le 207 fa'apipi'i modules - mai fa'amaumauga a le CRM ma le fa'ailoga i totogi, HR, ma au'ili'ili - o le lautele o le fa'alagolago i le cryptographic e tele. O vala'au uma API i le va o modules, so'o se webhook i auaunaga isi vaega, so'o se fa'aoga fa'aoga o lo'o tauaveina fa'amatalaga tau tupe po'o tagata faigaluega o lo'o fa'atusalia se fa'ailoga fa'ailoga e tatau ona iu lava ina suiga i tulaga fa'amautu-saogalemu. O lo'o i ai se avanoa lelei iinei: fa'aleleia le vaega autu o le TLS ma faletusi fa'asalalau fa'asoa e mafai ona fa'aola le puipuiga i modules uma i le taimi e tasi, nai lo le mana'omia o le toe fa'aleleia o module-ma-module.

Ua Faatelevaveina le Fa'afanua Fa'atonutonu

E le'o fa'atali le malo mo le taunu'u mai o komepiuta quantum a'o le'i fa'atonuina le gaioiga. O le National Security Memorandum NSM-10 (2022) a le Iunaite Setete na faʻatonuina ofisa feterale e suʻesuʻe a latou faiga faʻapipiʻi ma atiaʻe fuafuaga o femalagaiga. Ole Quantum Computing Cybersecurity Preparedness Act e manaʻomia ai lala sooupu e faʻamuamua le faʻaaogaina o faʻataʻitaʻiga faʻataʻitaʻiga. CISA's quantum saunia ta'iala o lo'o fa'ailoa manino mai le fa'apipi'iina e amata vave. O lo'o fa'aofi mai e le Iuni a Europa le fa'amaoniaina o mea e mana'omia pe a mae'a le quantum, ma o pulega fa'aletupe e aofia ai ma le Faletupe mo Fa'ava-o-malo ua fa'ailogaina tulaga lamatia i la latou ta'ita'iga.

Mo pisinisi o lo'o fa'agaoioia i alamanuia fa'atulafonoina - tupe, tausiga fa'alesoifua maloloina, fa'akonekarate a le malo, fa'amaumauga SaaS - fa'agata fa'asologa o taimi. Kamupani o loʻo faʻaaogaina ma le faʻamalosi HTTPS quantum-safe o le a aloese mai le faʻamalosi pe a faʻamaonia tulafono. Ae sili atu le taua, o le a mafai ona latou faʻaalia i tagata faʻatau ma paʻaga o latou faʻamaumauga o faʻamaumauga o faʻamaumauga mo faʻamataʻu faʻaalia, ae le naʻo mea o loʻo iai nei. I maketi fa'atauva'a o lo'o iai le fa'atuatuaina o se fa'aeseesega, o lenei tulaga saogalemu o lo'o va'ai i luma e iai le tau fa'atauga moni.

Fausiaina o se Lumana'i Maufetuuna'i, Tasi Lōlima i le Taimi

O le suiga i le quantum-safe HTTPS o le tele lea o femalagaiga fa'ata'oto i le tala fa'asolopito o le initaneti. E paʻi atu i soʻo se server, soʻo se suʻesuʻega, soʻo se telefoni feaveaʻi, soʻo se API, ma soʻo se IoT masini e fesoʻotaʻi i luga ole TLS. O le tala fiafia o le faʻamautuina o tulaga, o faʻatinoga o loʻo matua, ma o le faʻatinoga o luga o loʻo faʻamaonia lelei. O le fa'ata'ita'iga fa'apipi'i tu'ufa'atasia o lona uiga e mafai e pisinisi ona fa'atupu fa'atupula'ia le tete'e, e aunoa ma le ositaulagaina o feso'ota'iga po'o le fa'alavelaveina.

O le a le mea e tuueseese ai faʻalapotopotoga o le a faʻatautaia lelei lenei suiga mai i latou o le a faʻalavelave o le taimi lava e amata ai. Cryptographic agility - o le gafatia e faʻaleleia lou tulaga saogalemu e pei o faʻamataʻu ma suiga tulaga - e tatau ona avea ma se faʻavae mamanu, ae le o se mafaufauga mulimuli. Mo fa'alapotopotoga fa'apisinisi o lo'o fa'atautaia le tele o fa'amaumauga fa'agaioiga, mai feso'ota'iga a tagata fa'atau ma fefa'ataua'iga tau tupe i fa'amaumauga a tagata faigaluega ma au'ili'ili paipa, e le mafai ona maualuga atu le tulaga o le mauaina o lenei sa'o. O le quantum lumana'i e le o se mea mamao. Ose femalaga'iga e amata ile isi lau fa'agaioiga.

Fa'amama lau Pisinisi ma Mewayz

Mewayz e aumaia 207 pisinisi modules i totonu o le tulaga e tasi — CRM, invoicing, project management, ma isi mea. Auai i le 138,000+ tagata fa'aoga na fa'afaigofie a latou galuega.

Amata Saoloto i le Aso →

Fesili e Fai soo

O le a le quantum-safe cryptography?

Quantum-safe cryptography (e taʻua foʻi post-quantum cryptography poʻo le PQC) e faʻatatau i faʻataʻitaʻiga algorithms fou ua fuafuaina e puipuia mai osofaʻiga mai komepiuta masani ma quantum. E le pei o tulaga o iai nei e pei o le RSA, lea e fa'alagolago i fa'afitauli o le numera e mafai e komipiuta quantum ona faigofie ona fo'ia, o le PQC e fa'avae i lu'itau fa'a-matematika lavelave e talitonu e faigata i so'o se komepiuta ona malepe. O le fa'aaogaina o nei algorithms e fa'amautinoa ai e tumau pea le saogalemu o au feso'ota'iga HTTPS i le lumana'i.

O afea e tatau ai ona ou popole i la'u fa'ailoga HTTPS o iai nei?

O le fa'alavelave fa'afuase'i o osofa'iga "seleni nei, fa'amama mulimuli", lea e gaoia ai e fili fa'amatalaga fa'ailoga i aso nei e talepeina mulimuli ane pe a iai se komipiuta malosi. E ui e le'i o'o mai i inei ni komepiuta lapopo'a, o le femalaga'iga i tulaga fa'amautu-saogalemu e umi se taimi. O le amataina o le suiga i le taimi nei e taua tele mo le puipuia o faʻamatalaga mo se taimi umi. Mo pisinisi o lo'o fausia ni faiga fou, ua ofoina atu e Mewayz le silia ma le 207 a'oa'oga fa'akomepiuta mo le saogalemu i le lumana'i mo na'o le $19/masina.

O le a le matafaioi a le NIST ile quantum-safe cryptography?

O lo'o fa'atautaia e le National Institute of Standards and Technology (NIST) se fa'agasologa mo le tele o tausaga e fa'ata'atia ai fa'ata'ita'iga fa'ata'otoga fa'atatau i le quantum-safe. I le 2024, na faʻamaeʻaina ai e le NIST ana uluaʻi filifiliga, o se laasaga taua mo tagata faʻatau ma tagata atiaʻe e amata faʻatino nei tulaga fou i polokalama ma masini. O lenei fa'ata'atiaga e fa'amautinoa ai le felagolagoma'i ma maua ai se auala manino, fa'amaonia mo fa'alapotopotoga e mulimuli ai pe a fa'aleleia lo latou saogalemu.

O le a le faigata o le fa'aleleia i le quantum-safe HTTPS?

O le fa'aleleia o se galuega taua e aofia ai le fa'afouina o 'upega tafa'ilagi, polokalama fa'akomepiuta, ma tusi pasi numera. E le na o se ki faigofie; e mana'omia le fuafuaina ma le su'ega ina ia mautinoa le fetaui. Peita'i, o le vave amataina o a'oa'oga a lau 'au e fa'afaigofie ai le faiga. Platforms e pei o Mewayz e maua ai ala a'oa'oga fa'atulagaina ma 207 modules, e fa'ataugofie ($19/masina) e fa'aola vave ai au atina'e i fa'amatalaga fa'atinoga ma faiga sili.

Try Mewayz Free

All-in-one platform for CRM, invoicing, projects, HR & more. No credit card required.

Start Free Try Demo

Start managing your business smarter today

Join 30,000+ businesses. Free forever plan · No credit card required.

Start Free → Watch Demo
Found this useful? Share it.
X / Twitter LinkedIn Facebook WhatsApp

Ready to put this into practice?

Join 30,000+ businesses using Mewayz. Free forever plan — no credit card required.

Start Free Trial →

Related articles

Hacker News

An old photo of a large BBS

Mar 12, 2026

Hacker News

White House plan to break up iconic U.S. climate lab moves forward

Mar 12, 2026

Hacker News

Launch HN: IonRouter (YC W26) – High-throughput, low-cost inference

Mar 12, 2026

Hacker News

Bubble Sorted Amen Break

Mar 12, 2026

Hacker News

Show HN: Understudy – Teach a desktop agent by demonstrating a task once

Mar 12, 2026

Hacker News

Converge (YC S23) Is Hiring a Founding Platform Engineer (NYC, Onsite)

Mar 12, 2026

Ready to take action?

Start your free Mewayz trial today

All-in-one business platform. No credit card required.

Start Free →

14-day free trial · No credit card · Cancel anytime