Quantum-Safe Hybrid Key Exchange
Primary Investigator:
Manghui Tu
Zane Winders
Abstract
Quantum computing poses an imminent threat to classical public-key cryptography, enabling Harvest Now, Decrypt Later (HNDL) attacks in which adversaries store encrypted traffic today and decrypt it once large-scale quantum computers become available. This study examines quantum-safe hybrid key exchange (KEX) in OpenSSH as a near-term mitigation strategy, combining classical x25519 with the post-quantum schemes ML-KEM-768 and NTRU Prime (sntrup761) to provide defense-in-depth against both classical and quantum adversaries. While NIST has standardized lattice-based post-quantum cryptography (PQC), empirical data on real-world deployment, performance, and organizational readiness for hybrid KEX remains limited.
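Whether a given OpenSSH connection actually gets the hybrid KEX described above depends on both peers' algorithm lists. The following is an added example, not code from the study: it takes expanded `KexAlgorithms` lines as printed by `ssh -G` and `sshd -T`, applies the SSH selection rule (first client-listed algorithm the server also supports), and reports whether the result is a hybrid post-quantum exchange. The algorithm names are OpenSSH's; the sample lines and function names are constructed for illustration.

```python
# Added example: audit OpenSSH KexAlgorithms lists for hybrid post-quantum KEX.
# OpenSSH names for the hybrid schemes the abstract mentions (x25519 + PQ KEM).
HYBRID_PQ = {
    "mlkem768x25519-sha256": "ML-KEM-768 + X25519",
    "sntrup761x25519-sha512": "sntrup761 + X25519",
    "sntrup761x25519-sha512@openssh.com": "sntrup761 + X25519",
}

# Constructed sample lines, in the "keyword value" form of `ssh -G` / `sshd -T`.
CLIENT = ("kexalgorithms mlkem768x25519-sha256,sntrup761x25519-sha512,"
          "sntrup761x25519-sha512@openssh.com,curve25519-sha256")
SERVER_NEW = ("kexalgorithms sntrup761x25519-sha512,"
              "sntrup761x25519-sha512@openssh.com,mlkem768x25519-sha256,"
              "curve25519-sha256")
SERVER_OLD = ("kexalgorithms curve25519-sha256,curve25519-sha256@libssh.org,"
              "ecdh-sha2-nistp256,diffie-hellman-group14-sha256")


def parse_kex(line):
    """Return the ordered algorithm list from one expanded KexAlgorithms line."""
    parts = line.split(None, 1)
    if len(parts) != 2 or parts[0].lower() != "kexalgorithms":
        raise ValueError("not a KexAlgorithms line: %r" % line)
    return [alg for alg in parts[1].strip().split(",") if alg]


def negotiate(client, server):
    """Simplified RFC 4253 rule: the client's order decides among shared algorithms."""
    for alg in client:
        if alg in server:
            return alg
    return None  # no common algorithm: the connection would fail


def audit(client_line, server_line):
    client, server = parse_kex(client_line), parse_kex(server_line)
    chosen = negotiate(client, server)
    return {
        "negotiated": chosen,
        "hybrid_pq": chosen in HYBRID_PQ,
        # Shared classical-only algorithms: still negotiable if a peer reorders its list.
        "classical_fallback": [a for a in client
                               if a in server and a not in HYBRID_PQ],
    }


if __name__ == "__main__":
    for name, server in (("new server", SERVER_NEW), ("old server", SERVER_OLD)):
        print(name, audit(CLIENT, server))
```

A session where `hybrid_pq` is false used a classical-only exchange and its recorded traffic remains exposed to HNDL.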