When curl is built with wolfSSL as the TLS backend, you can get ML-KEM and ML-DSA post-quantum algorithm support in TLS 1.3, provided wolfSSL was configured with --enable-curl, --enable-mlkem and --enable-mldsa.

Getting started with wolfSSL? Download the latest libraries here and start exploring.

The following ML-KEM groups are available: Pure ML-KEM (post-quantum only)

ML_KEM_512 ML_KEM_768 ML_KEM_1024

Hybrid ML-KEM (ECDH + post-quantum)

SecP256r1MLKEM512 - P-256 + ML-KEM-512 SecP384r1MLKEM768 - P-384 + ML-KEM-768 SecP521r1MLKEM1024 - P-521 + ML-KEM-1024 SecP256r1MLKEM768 - P-256 + ML-KEM-768 SecP384r1MLKEM1024 - P-384 + ML-KEM-1024 X25519MLKEM768 - X25519 + ML-KEM-768

At the command line, these can be used with the --curves option:

curl --curves X25519MLKEM768 https://127.0.0.1

For ML-DSA, the only thing that is required is that the server’s certificate chain has an ML-DSA public key in the leaf certificate. That’s it!

Try this out with our post-quantum web server integrations:

https://github.com/wolfSSL/osp/blob/master/apache-httpd/README_post_quantum.md https://github.com/wolfSSL/osp/tree/master/lighttpd/lighttpd-1.4.50 https://github.com/wolfssl/wolfssl-nginx?tab=readme-ov-file#post-quantum-algorithms

If you have questions about any of the above, please contact us at facts@wolfssl.com or call us at +1 425 245 8247.

Download wolfSSL Now