
Post-quantum crypto migration plan

A phased roadmap for migrating Meridian signing and key-exchange primitives to quantum-resistant algorithms before harvest-now-decrypt-later becomes practical.

Phase 1 — Inventory

  • Audit every Ed25519 keypair used for loader signing and license issuance.
  • Catalog all ChaCha20-Poly1305 session keys exchanged during auth handshakes.
  • Identify HMAC-SHA512 integrity seals on offline grace caches.

Phase 2 — Hybrid handshake

  • Augment Ed25519 key agreement with Kyber-1024 encapsulation in parallel.
  • Derive a combined shared secret via HKDF-SHA3-256 from both outputs.
  • Deploy behind a feature flag; fall back to classical-only if Kyber handshake fails.
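
The derivation and fallback steps above, as an added example (not Meridian's code): HKDF per RFC 5869 instantiated with HMAC-SHA3-256 over the two shared secrets. The 32-byte secret sizes, the length-prefixed concatenation, the transcript-hash salt, the `example-hybrid-v1` label and binding the negotiated mode into `info` are assumptions of this example, and the sample inputs are constructed rather than liboqs outputs.

```python
import hashlib
import hmac

HASH = hashlib.sha3_256
HASH_LEN = HASH().digest_size  # 32 bytes

def hkdf_extract(salt: bytes, ikm: bytes) -> bytes:
    """RFC 5869 extract step with HMAC-SHA3-256; empty salt becomes HASH_LEN zero bytes."""
    return hmac.new(salt or bytes(HASH_LEN), ikm, HASH).digest()

def hkdf_expand(prk: bytes, info: bytes, length: int) -> bytes:
    """RFC 5869 expand step: T(n) = HMAC(prk, T(n-1) || info || n)."""
    if length > 255 * HASH_LEN:
        raise ValueError("requested output too long")
    okm, block, counter = b"", b"", 1
    while len(okm) < length:
        block = hmac.new(prk, block + info + bytes([counter]), HASH).digest()
        okm += block
        counter += 1
    return okm[:length]

def _lp(field: bytes) -> bytes:
    """Length-prefix a field so concatenated inputs cannot be re-split ambiguously."""
    return len(field).to_bytes(2, "big") + field

def derive_session_key(classical_ss: bytes, kyber_ss, transcript: bytes):
    """Return (mode, 32-byte key); kyber_ss=None models a failed Kyber handshake."""
    if len(classical_ss) != 32:
        raise ValueError("classical shared secret must be 32 bytes")
    if kyber_ss is None:
        mode, ikm = b"classical-only", _lp(classical_ss)
    else:
        if len(kyber_ss) != 32:
            raise ValueError("Kyber shared secret must be 32 bytes")
        mode, ikm = b"hybrid", _lp(classical_ss) + _lp(kyber_ss)
    # Salt with the handshake transcript hash so the key is bound to this exchange.
    prk = hkdf_extract(hashlib.sha3_256(transcript).digest(), ikm)
    # The mode is part of `info`: a fallback session never shares a key with a
    # hybrid one, and the returned mode can be logged to monitor downgrades.
    key = hkdf_expand(prk, b"example-hybrid-v1|" + mode, 32)
    return mode.decode(), key

# Constructed sample inputs (not real handshake outputs).
CLASSICAL_SS = bytes(range(32))
KYBER_SS = bytes(range(32, 64))
TRANSCRIPT = b"constructed client-hello || server-hello"
```

Counting sessions that return `classical-only` while the feature flag is on gives a direct measure of how often the fallback path is taken.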

Phase 3 — Signing agility

  • Add SPHINCS+ secondary signature alongside Ed25519 in the loader PE certificate table.
  • Update the auto-update CDN to serve dual-signed payloads.
  • Keep Ed25519 as the primary verifier until NIST standards finalize.

Phase 4 — Full cutover

  • Deprecate classical-only license tokens after a 12-month coexistence window.
  • Rotate all root signing keys to ML-DSA-87 (FIPS 204).
  • Archive old Ed25519 public keys in a hardware-backed audit log.

Timeline: Phases 1–2 are to be completed within 6 months. Phases 3–4 are gated on NIST IR 8547 finalization. All primitives are sourced from liboqs via the Meridian native loader shim.