Post‑Quantum Readiness: Standards‑Only Rollout That Won’t Break Production

Why this matters

• Investor confidence: a credible, standards‑only path reduces cryptographic risk without novel schemes.
• Operational safety: hybridization and cross‑signing prevent client breakage while we migrate.
• Auditability: we ship posture metrics (success rate, latency, sizes, constant‑time checks) with every release.

What we shipped

• Hybrid KEM on transport: enable x25519_mlkem768 alongside classical groups for mTLS/gRPC and QUIC; browsers stay classical until ecosystem support is universal.
• Dual‑signing: sign artifacts with ML‑DSA and current scheme; verify both paths in CI/CD; record sizes and verification time.
• Internal PKI cross‑sign: ML‑DSA leafs cross‑signed by the existing chain for controlled mTLS clients.
• Evidence by default: posture JSON includes success rate, p95 handshake latency deltas, payload sizes, versions, and constant‑time checks.

Adoption plan (that won’t hurt users)

1. Stage: PQ‑only, classical‑only, and hybrid clients all succeed in staging.
2. Canary: 1% → 25% → 100% rollout with rollback switch; monitor negotiated groups and failure reasons.
3. Dual‑sign everywhere: code signing and image attestation accept both signatures; warn, don’t fail, when PQ verification is unavailable.
4. Public TLS later: move public endpoints when OS/browsers normalize PQC roots.

Commercial impact

• Procurement‑ready: auditors see signed posture metrics, not claims.
• Low integration friction: hybrid keeps SLAs stable; no mass client upgrades day‑one.
• Future‑proof: no novelty risk; we track NIST families and vendor HSM/KMS support.

What we did not do

No bespoke cryptography. No security claims tied to research math. PQC is standards‑only.

Get the details

• Hybrid KEM guide: docs/pqc/hybrid-kem.md
• Dual‑signing rollout: docs/pqc/code-signing-dual.md
• Posture schema: docs/pqc/evidence-schema.json

Request a Pilot • Contact Sales