GnuTLS — Post-Quantum Cryptography Analysis
GnuTLS is a widely deployed TLS library used in Linux distributions, GNOME, and server software. It supports RSA, ECDSA, and DHE — all quantum-vulnerable for key establishment. GnuTLS 3.8.x added experimental support for X25519-MLKEM (hybrid PQC) key exchange in TLS 1.3, but it is not enabled by default. The majority of deployed GnuTLS configurations use classical algorithms exclusively.
Findings
Finding | Location | Notes
RSA-2048 (TLS key exchange / certificates) | lib/pk.c | Default RSA key size. TLS handshakes using RSA key exchange are vulnerable to HNDL attacks.
ECDHE P-256 (default key exchange) | lib/handshake.c | TLS 1.3 default cipher suite uses ECDHE for forward secrecy — quantum-vulnerable.
DHE (TLS 1.2 compatibility) | lib/dh.c | Finite-field Diffie-Hellman. Quantum-vulnerable, and also weak for short groups (<3072 bits).
ECDSA certificate validation | lib/x509/verify.c | Certificate chain validation using ECDSA signatures. Quantum-vulnerable for long-lived CAs.
Compliance note
TLS libraries are a top priority for post-quantum migration — they protect data in transit for billions of connections. HNDL (Harvest Now, Decrypt Later) attacks mean data transmitted today over classical TLS can be decrypted when quantum hardware matures. Enable GnuTLS hybrid PQC mode for all new deployments.
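The recommendation above comes down to what key-exchange groups a GnuTLS priority string leaves enabled. The following is an added example (not code from this page, from QuantumScan, or from GnuTLS): a small Python linter that applies the priority-string grammar (an initial keyword such as NORMAL or NONE, then ':'-separated '+'/'-'/'!' modifiers) to the GROUP-* keywords and reports whether a hybrid ML-KEM group survives, run over a few constructed source lines that call gnutls_priority_set_direct(). The hybrid keyword spellings (GROUP-X25519-MLKEM768 and friends) and the classical group set credited to NORMAL are assumptions for this example and vary by GnuTLS version; confirm them with `gnutls-cli --list`, and remember that the system-wide /etc/gnutls/config can change what NORMAL means on a given host.

```python
"""Lint GnuTLS priority strings for hybrid post-quantum key exchange.

Added example; not code from the original page, from QuantumScan, or from
GnuTLS. Only GROUP-* keywords are tracked; ciphers, MACs, versions and
signature keywords are parsed but ignored.
"""
import re

# Classical groups assumed to be enabled by NORMAL/SECURE*/etc. (assumption,
# version- and crypto-policy-dependent).
CLASSICAL_GROUPS = {
    "GROUP-SECP256R1", "GROUP-SECP384R1", "GROUP-SECP521R1",
    "GROUP-X25519", "GROUP-X448",
    "GROUP-FFDHE2048", "GROUP-FFDHE3072", "GROUP-FFDHE4096", "GROUP-FFDHE8192",
}
# Hybrid PQ groups of GnuTLS 3.8.x (keyword spelling assumed; verify locally).
HYBRID_GROUPS = {
    "GROUP-X25519-MLKEM768", "GROUP-SECP256R1-MLKEM768", "GROUP-SECP384R1-MLKEM1024",
}
# Collective keywords. Whether GROUP-ALL covers the hybrid groups is an assumption.
GROUP_ALIASES = {
    "GROUP-ALL": CLASSICAL_GROUPS | HYBRID_GROUPS,
    "GROUP-EC-ALL": {g for g in CLASSICAL_GROUPS if not g.startswith("GROUP-FFDHE")},
    "GROUP-DH-ALL": {g for g in CLASSICAL_GROUPS if g.startswith("GROUP-FFDHE")},
}


def expand(keyword):
    """Map one keyword to the set of groups it names (empty for non-group keywords)."""
    if keyword in GROUP_ALIASES:
        return set(GROUP_ALIASES[keyword])
    if keyword in CLASSICAL_GROUPS or keyword in HYBRID_GROUPS:
        return {keyword}
    return set()  # ciphers, MACs, VERS-*, SIGN-*, ... do not affect groups


def effective_groups(priority):
    """Return the set of key-exchange groups left enabled by a priority string."""
    tokens = priority.split(":")
    initial = tokens[0]
    # NONE starts empty; any other initial keyword (or @profile) is assumed classical.
    groups = set() if initial == "NONE" else set(CLASSICAL_GROUPS)
    for tok in tokens[1:]:
        if not tok or tok[0] in "%@":
            continue  # %OPTIONS and @profile references are not algorithm keywords
        op, name = tok[0], tok[1:]
        if op == "+":
            groups |= expand(name)
        elif op in "-!":  # the GnuTLS manual documents both as "remove"
            groups -= expand(name)
        else:
            raise ValueError(f"unexpected token {tok!r}")
    return groups


def lint(priority):
    """One-line verdict for a priority string."""
    try:
        groups = effective_groups(priority)
    except ValueError as exc:
        return f"unparsable: {exc}"
    if not groups:
        return "no key-exchange groups enabled (handshake cannot complete)"
    hybrid = sorted(groups & HYBRID_GROUPS)
    if hybrid:
        return "hybrid PQ key exchange enabled: " + ", ".join(hybrid)
    return "classical-only key exchange (HNDL exposure); add +GROUP-X25519-MLKEM768"


# Double-quoted literals that begin with a GnuTLS initial keyword.
PRIORITY_RE = re.compile(
    r'"((?:NORMAL|PFS|SECURE\d+|SUITEB\d+|LEGACY|PERFORMANCE|NONE)(?::[^"]*)?)"'
)


def scan_source(lines):
    """Lint every priority-string literal found in the given source lines."""
    findings = []
    for lineno, line in enumerate(lines, 1):
        for match in PRIORITY_RE.finditer(line):
            prio = match.group(1)
            findings.append((lineno, prio, lint(prio)))
    return findings


# Constructed sample lines in the style of C code calling GnuTLS (not real project code).
SAMPLE_SOURCE = [
    'gnutls_priority_set_direct(session, "NORMAL:-VERS-ALL:+VERS-TLS1.3", NULL);',
    'gnutls_priority_set_direct(session, "NORMAL:+GROUP-X25519-MLKEM768", NULL);',
    'gnutls_priority_set_direct(session, "NONE:+VERS-TLS1.3:+AES-256-GCM:+SHA384:'
    '+SIGN-ECDSA-SECP256R1-SHA256:+ECDHE-ECDSA:+GROUP-X25519-MLKEM768", NULL);',
    'gnutls_priority_set_direct(session, "SECURE128:-GROUP-DH-ALL:%SERVER_PRECEDENCE", NULL);',
]

if __name__ == "__main__":
    for lineno, prio, verdict in scan_source(SAMPLE_SOURCE):
        print(f"line {lineno}: {prio}\n    -> {verdict}")
```

Of the four constructed lines, only the second and third leave a hybrid group enabled; the first and fourth are classical-only and would be flagged for HNDL exposure. Whether the verdict matches what the library actually negotiates depends on the installed GnuTLS build and its system policy, which is why the group sets above are marked as assumptions rather than taken as ground truth.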
Is your codebase using any of these algorithms?
QuantumScan checks your repo in ~90 seconds. Free. No account needed. Supports GitHub, GitLab, Bitbucket, and ZIP uploads.