NordVPN Adds NIST-Approved Quantum Encryption on the Linux Client

NordVPN, one of the world's leading VPN service providers, has launched its first application featuring quantum-resilient encryption.

Post-quantum cryptography support is currently available on NordVPN's Linux client, with plans to extend this security to all applications by the first quarter of 2025. The move represents a significant step toward preparing for potential future threats posed by quantum computing.

According to Marijus Briedis, CTO of NordVPN, quantum computers represent a looming challenge to cybersecurity. “Trends show that cybercriminals are intensifying what is known as ‘harvest now, decrypt later' attacks,” Briedis explained. “Simply put, they are trying to accumulate huge quantities of encrypted data and decrypt them once quantum technology is developed. Thus, the VPN industry must enter a new phase of development to defend against future quantum computing threats.”

The implementation of post-quantum encryption is timely, as the National Institute of Standards and Technology (NIST) recently announced its first post-quantum cryptographic standards. VPNs, which rely on cryptographic protocols to secure data and communications, must adopt these emerging standards to remain secure against the evolving capabilities of quantum computing.

You can learn more about NordVPN here.

A Hybrid Approach Using ML-KEM (Kyber)

NordVPN's quantum-resilient encryption uses the ML-KEM algorithm, also known as Kyber, and employs a hybrid approach. This process starts by establishing a standard WireGuard session, followed by a pre-shared key (PSK) exchange within the session based on the ML-KEM algorithm. Once the PSK is exchanged, both client and server use a non-zero-filled 32-byte PSK to add an additional layer of quantum-secure encryption to the session.

This hybrid implementation helps ensure robust protection without compromising performance. However, integrating post-quantum algorithms poses technical challenges, primarily due to their larger key sizes and signatures, which can increase computational overhead and affect the VPN's speed.

Why Start with Linux?

NordVPN chose to begin the rollout of post-quantum encryption with its Linux client to gather performance data and insights from an advanced user base. Linux users are generally more tech-savvy, which allows the NordVPN team to identify potential improvements or issues before deploying the solution to a broader audience. This approach will help fine-tune the post-quantum cryptography for performance metrics like connection times and speed.

“These technical challenges are the reason for the gradual implementation of post-quantum cryptography support to our applications. We want to be completely sure that we will keep the highest level of user experience in terms of connection time and speed during the transition,” said Briedis

NordVPN aims to introduce this post-quantum encryption capability to all its applications by 2025, ensuring that the company remains prepared for future quantum threats. The rollout on the Linux platform will serve as a testing ground to optimize the encryption's performance and ensure that the switch to quantum-resistant cryptography does not negatively impact user experience on platforms that have significantly larger userbases.

As Briedis mentions, agility will be key, “NordVPN aims to ensure that applications are both quantum-resistant and agile in cryptographic management. As cryptographic needs evolve, the demand for crypto-agility that enables systems to adapt to new cryptographic standards seamlessly will be essential.”

NordVPN is renowned for its focus on privacy, security, and performance, running an extensive network of 6,400 servers across 111 countries. Check out our in-depth NordVPN review for more details, and you can also take advantage of a limited-time 74% off deal on 2-year subscriptions.