Prepare for a post-quantum future with RHEL 9.7
Are you excited to try out post-quantum cryptography in Red Hat Enterprise Linux (RHEL), but you haven’t yet upgraded to RHEL 10? Our efforts to ensure that you’re ready to make the switch, and to prepare your organization for "Q-Day", now start with RHEL 9.7. By getting started now, you can proactively begin strengthening your security posture and preparing for a seamless transition to RHEL 10.
RHEL 9 was released in 2022 and was an important step forward from a security perspective. It was the first version of RHEL that received FIPS 140-3 certification, matching current security requirements. However, a lot has happened since 2022. Security requirements have changed, and the era of post-quantum cryptography has arrived. For the sake of performance and stability, these new cryptographic algorithms can’t be backported to earlier versions of most software the way many organizations have come to expect. Upgrading software today to bring continued stability, functionality, and protection in the post-quantum era is a must, and RHEL 9.7 can be your first step.
RHEL 9.7 is a crucial stepping stone for your post-quantum transition. It gives you the opportunity to gain practical experience with post-quantum cryptography, and to understand its implications for your specific workloads. You can also identify any necessary application or infrastructure adjustments before you undertake a full upgrade to RHEL 10, which offers the most comprehensive post-quantum cryptography implementation.
Critical libraries and applications
A sudden, forced transition to post-quantum cryptography when quantum threats become imminent (Q-Day, currently estimated at 2030) could disrupt your business’s operations. Thorough testing allows you to identify and resolve compatibility issues, performance impacts, and integration challenges in a controlled environment so you can take action before Q-Day.
Governments and regulatory bodies are increasingly considering post-quantum cryptography mandates. Early testing with RHEL 9.7 helps enterprises to meet future compliance requirements without last-minute scrambling to a major upgrade. It provides ample time to address any challenges encountered early in development and deployment cycles.
RHEL 9.7 brings limited post-quantum cryptography functionality to an earlier, stable release of RHEL. This allows you to begin experimenting and verifying post-quantum cryptography within your existing RHEL 9 environments to prepare them for RHEL 10. A significant share of RHEL components relies on three major cryptographic libraries: NSS, GnuTLS, and OpenSSL. To begin using post-quantum cryptography, those libraries must be updated.
RHEL 9.7 includes stable updates for OpenSSL, which supports server-side applications, and NSS, which is widely used in client software. With RHEL 9.7, your applications relying on these libraries can start utilizing post-quantum cryptography, providing you with valuable testing opportunities for real-world scenarios.
For NSS, we provide the latest relevant version, which supports post-quantum algorithms. For OpenSSL, the long-term support version 3.5 brings several useful post-quantum features.
Disruption on your own terms
To avoid immediate disruption, RHEL 9.7 doesn’t enable post-quantum cryptography algorithms by default. However, you can opt in to post-quantum cryptography crypto policies, which allows for controlled testing and gradual integration into your systems, mirroring the approach of RHEL 10. This helps you understand how to manage post-quantum cryptography within Red Hat’s crypto-policy framework before you need it fully enabled in RHEL 10. We recommend that you enable post-quantum cryptography for key exchange (hybrid ML-KEM algorithms) to help protect systems from “harvest now, decrypt later” attacks and to provide the critical protection required in regulated environments. This feature provides an early testing ground for organizations with strict compliance requirements.
To preserve functionality and reduce disruption in deployed customer environments, OpenSSH in RHEL 9.7 does not yet include post-quantum-safe, ML-KEM-based key exchange, due to lack of widespread use. To get started with post-quantum OpenSSH, consider upgrading to RHEL 10.
FIPS requirements allow the combination of the output of a FIPS-certified algorithm with supplementary data for hybrid key exchange mechanisms, which is crucial to maintain a validated and certified provider. As protection against “harvest now, decrypt later” threats, and to support the requirements for FIPS environments, components based on OpenSSL in RHEL 9.7 can use a hybrid ML-KEM key exchange even in FIPS mode while using a certified module.
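When testing the opt-in described above, it helps to confirm from a packet capture that a client really offers a hybrid ML-KEM group and where it ranks. The following is an added example, not code from the original post or from Red Hat; it assumes the input is a reassembled TLS ClientHello handshake message with the record header already stripped, and `assess` and `sample_hello` are hypothetical helper names.

```python
import struct

# IANA "TLS Supported Groups" codepoints for the hybrid ML-KEM key exchanges.
HYBRID_MLKEM = {0x11EB: "SecP256r1MLKEM768", 0x11EC: "X25519MLKEM768",
                0x11ED: "SecP384r1MLKEM1024"}

def _take(buf, off, n):  # slice n bytes at off, rejecting truncated input
    if off + n > len(buf):
        raise ValueError("truncated ClientHello")
    return buf[off:off + n], off + n

def _is_grease(g):  # RFC 8701 placeholders (0x0A0A, 0x1A1A, ...) name no real group
    return (g & 0x0F0F) == 0x0A0A and (g >> 8) == (g & 0xFF)

def offered_groups(hello):
    """supported_groups codepoints, in client preference order, GREASE removed."""
    if len(hello) < 4 or hello[0] != 0x01:        # handshake type 1 = ClientHello
        raise ValueError("not a ClientHello handshake message")
    body, _ = _take(hello, 4, int.from_bytes(hello[1:4], "big"))
    off = 2 + 32                                  # legacy_version + random
    for width in (1, 2, 1):                       # session_id, cipher_suites, compression
        ln, off = _take(body, off, width)
        _, off = _take(body, off, int.from_bytes(ln, "big"))
    ln, off = _take(body, off, 2)
    exts, _ = _take(body, off, int.from_bytes(ln, "big"))
    off = 0
    while off < len(exts):
        hdr, off = _take(exts, off, 4)
        etype, elen = struct.unpack("!HH", hdr)
        data, off = _take(exts, off, elen)
        if etype == 0x000A:                       # supported_groups extension
            raw, _ = _take(data, 2, int.from_bytes(data[:2], "big"))
            groups = struct.unpack(f"!{len(raw) // 2}H", raw[:len(raw) // 2 * 2])
            return [g for g in groups if not _is_grease(g)]
    return []

def assess(hello):
    """Name the hybrid groups offered and say whether one is the client's first choice."""
    groups = offered_groups(hello)
    hybrid = [HYBRID_MLKEM[g] for g in groups if g in HYBRID_MLKEM]
    return {"hybrid": hybrid, "preferred": bool(groups) and groups[0] in HYBRID_MLKEM}

def sample_hello(groups):
    """Constructed input: minimal ClientHello whose only extension is supported_groups."""
    glist = struct.pack(f"!{len(groups)}H", *groups)
    ext = struct.pack("!HHH", 0x000A, len(glist) + 2, len(glist)) + glist
    body = (b"\x03\x03" + bytes(32) + b"\x00" + b"\x00\x02\x13\x01" + b"\x01\x00"
            + struct.pack("!H", len(ext)) + ext)
    return b"\x01" + len(body).to_bytes(3, "big") + body
```

For instance, `assess(sample_hello([0x0A0A, 0x11EC, 0x001D]))` reports `X25519MLKEM768` as offered and preferred. An empty `hybrid` list means the connection can only fall back to classical key exchange, so it gets no protection against “harvest now, decrypt later”.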
Take the first step
From the post-quantum transition perspective, RHEL 9.7 is a good first step in the transition from classical cryptography to post-quantum cryptography. You get the same stability (one of the main expectations from minor releases), and you strengthen your security posture beyond what is available today. Efforts to bring limited post-quantum cryptography support into RHEL 9.7 are designed to help you begin transitioning, and to ready your organization for the successful adoption of comprehensive post-quantum cryptography in RHEL 10 before Q-Day.