[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
[tor-relays] Re: Post-Quantum Cryptography in Tor's TLS Layer: Help needed!
- To: tor-relays@xxxxxxxxxxxxxxxxxxxx
- Subject: [tor-relays] Re: Post-Quantum Cryptography in Tor's TLS Layer: Help needed!
- From: Alexander Hansen Færøy via tor-relays <tor-relays@xxxxxxxxxxxxxxxxxxxx>
- Date: Thu, 18 Jun 2026 19:40:46 +0200
- Cc: Alexander Hansen Færøy <ahf@xxxxxxxxxxxxxx>
- In-reply-to: <81f80313-758d-4617-bd96-8b68c8ebf634@torproject.org>
- List-id: "support and questions about running Tor relays (exit, non-exit, bridge)" <tor-relays.lists.torproject.org>
- References: <02da1ac4-c6ea-4163-9ab8-361ecf26a1c2@torproject.org> <20260301111234.00006133@quantentunnel.de> <81f80313-758d-4617-bd96-8b68c8ebf634@torproject.org>
- Reply-to: "support and questions about running Tor relays (exit, non-exit, bridge)" <tor-relays@xxxxxxxxxxxxxxxxxxxx>
- User-agent: Mozilla Thunderbird
Hello Tor Relay Operators!
I did a scan of the network again yesterday. Here're the numbers that you can
compare against our numbers from March:
Scan Stats:
- 9707 relays were reachable.
- 106 relays were unreachable.
Cipher Suites:
- `TLS13_AES_256_GCM_SHA384`: 9517.
- `TLS13_CHACHA20_POLY1305_SHA256`: 155.
- `TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384`: 32.
- `TLS13_AES_128_GCM_SHA256`: 3.
Key Exchange Groups:
- `X25519`: 4827.
- `X25519MLKEM768`: 4326.
- `secp256r1`: 554.
Directory Authorities:
- 10 out of 10 were reachable.
- `TLS13_AES_256_GCM_SHA384` was used by all 10.
- `X25519` was used by 5, and `X25519MLKEM768` was used by 5.
4326 / 9707 * 100 = 44.57% of the relays support PQC handshakes right now.
It's great to see that we have over 1000 more relays supporting PQC, but we are
still a bit away from being able to enforce PQC in any possible manner here.
I've updated the list of relays and what they support here:
https://ahf.me/tor-tls-pqc/2026-06-18/
If your relay does not yet support the `X25519MLKEM768` group, it would be
really lovely if you could look into upgrading your TLS library (OpenSSL >=
3.5.0 and LibreSSL >= 4.3.0) used by your relay.
Thanks all for running relays! <3
Cheers,
Alex
On 02/03/2026 14.29, Alexander Hansen Færøy via tor-relays wrote:
The summary of yesterday's scan is as follows:
Scan Stats:
- 9562 relays were reachable.
- 158 relays were unreachable.
Cipher Suites:
- `TLS13_AES_256_GCM_SHA384`: 9352.
- `TLS13_CHACHA20_POLY1305_SHA256`: 165.
- `TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384`: 39.
- `TLS13_AES_128_GCM_SHA256`: 6.
Key Exchange Groups:
- `X25519`: 5350.
- `X25519MLKEM768`: 3313.
- `secp256r1`: 899.
Directory Authorities:
- 10 out of 10 were reachable.
- `TLS13_AES_256_GCM_SHA384` was used by all 10.
- `X25519` was used by 5, and `X25519MLKEM768` was used by 5.
3313 / 9562 * 100.0 = 34.65% of relays are supporting the `X25519MLKEM768` PQC
handshake in the network right now.
--
Alexander Hansen Færøy
_______________________________________________
tor-relays mailing list -- tor-relays@xxxxxxxxxxxxxxxxxxxx
To unsubscribe send an email to tor-relays-leave@xxxxxxxxxxxxxxxxxxxx