Akamai is pleased to announce support for post-quantum cryptography (PQC) on the Akamai edge. This capability allows customers to opt into support of the Transport Layer Security (TLS) version 1.3 hybrid key group X25519MLKEM768 based on the U.S. National Institute of Standards and Technology (NIST) FIPS 203 Module-Lattice-Based Key-Encapsulation Mechanism (ML-KEM) standard.
The feature will be available to all Akamai Ion and Akamai Dynamic Site Accelerator customers (on Enhanced TLS) at no additional cost.
Protect data to the maximum extent
Most modern browsers, including Google Chrome and Mozilla Firefox, already support this key group by default and will immediately begin negotiating it once the feature is enabled. Clients that do not yet support PQC will transparently — and without any performance overhead — negotiate the classic key groups just as before.
This feature is independent of the post-quantum cryptography to origin capability we introduced on June 30, 2025. Customers are encouraged to opt into both features to protect their users' data to the maximum extent.
As we outlined in a previous blog post, we are looking to complete the PQC update for the final leg (Akamai-to-Akamai connections) transparently across all of Akamai’s networks between Q4 2025 and Q1 2026.
To ensure that all client connections to Akamai's edge can be quantum safe, we plan on enabling PQC by default for all Enhanced TLS customers in Q1 2026. Until then, please contact your Akamai account team to enable this feature, and read this TechDocs article for more details.
Stay tuned
Over the last few months, we have been providing a number of updates in a series of blog posts on our adoption of PQC. For more updates on our post-quantum journey and to learn more about ongoing developments in the field of PQC, stay tuned for our next blog posts.
Tags