Configuring SSL for post-quantum hybrid key exchange

Neo4j can be configured to use post-quantum hybrid key exchange when using the OpenSSL provider. The hybrid group X25519MLKEM768 combines classical X25519 ECDH with the ML-KEM-768 key encapsulation mechanism, so the TLS session keys remain secure as long as at least one of the two is unbroken. This protects Bolt traffic recorded today against later decryption by a quantum computer.

Using post-quantum hybrid key exchange

You can enable post-quantum hybrid key exchange by configuring Neo4j to use the OpenSSL provider and ensuring that OpenSSL 3.5 or later is installed on the machine running Neo4j. With this configuration, Neo4j automatically negotiates the use of post-quantum hybrid key exchange with clients that support it, while still maintaining compatibility with clients that do not. For details on configuring Neo4j to use the OpenSSL provider, see SSL Providers.

Keep in mind that enabling the OpenSSL provider only makes the post-quantum hybrid key exchange available on the server. If a client does not offer X25519MLKEM768, the server falls back to whichever classical key exchange groups OpenSSL allows, so the connection is still established without post-quantum protection.

If you want to require the use of post-quantum hybrid key exchange, you can configure OpenSSL on the host machine to only allow post-quantum hybrid key exchange groups. See Using only post-quantum hybrid key exchange for instructions.

To verify that the post-quantum hybrid key exchange is working correctly, open a TLS connection to the Bolt port (7687 by default) with openssl s_client, restricting the key exchange groups the client offers to the post-quantum hybrid group X25519MLKEM768:

openssl s_client -connect localhost:7687 -groups X25519MLKEM768

If you are using self-signed certificates, you may also need to pass the server certificate to openssl as the trust anchor with -CAfile. For example:

openssl s_client -connect localhost:7687 -groups X25519MLKEM768 -CAfile "path_to_self_signed_cert"

The openssl console output should indicate that the connection is successful and that the post-quantum hybrid exchange group X25519MLKEM768 is being used. If the handshake fails instead, or openssl rejects X25519MLKEM768 as an unknown group, check that the OpenSSL used by both the client and the Neo4j host is version 3.5 or later and that Neo4j is actually configured to use the OpenSSL provider.

No client certificate CA names sent
Peer signing digest: SHA256
Peer signature type: rsa_pss_rsae_sha256
Negotiated TLS1.3 group: X25519MLKEM768

Using only post-quantum hybrid key exchange

To require the use of X25519MLKEM768, configure OpenSSL on the host machine so that only post-quantum hybrid key exchange is possible. Note that clients which cannot offer X25519MLKEM768 will then fail the TLS handshake rather than fall back, and that the setting applies to every program on the host that loads the same OpenSSL configuration file, not only to Neo4j.

For example, in your OpenSSL configuration file openssl.conf (the default file is openssl.cnf in the directory printed by openssl version -d):

OpenSSL configuration requiring post-quantum hybrid key exchange
openssl_conf = default_conf

[default_conf]
ssl_conf = ssl_sect

[ssl_sect]
system_default = system_default_sect

[system_default_sect]
Groups = X25519MLKEM768
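The following POSIX shell script is an added example and is not part of the Neo4j manual or its code base. It automates the two checks in this section: the positive probe with -groups X25519MLKEM768 described under "Using post-quantum hybrid key exchange", and a negative probe with a classical-only group that should fail once the Groups restriction above is in effect. It also checks that the client-side OpenSSL is 3.5 or later before probing, since an older s_client rejects X25519MLKEM768 as an unknown group. The host, port, CA path and the NEO4J_HOST, NEO4J_PORT and NEO4J_CA environment variable names are assumptions for this example.

```shell
#!/bin/sh
# Added example (not from the Neo4j manual): probe a Neo4j Bolt endpoint for the
# X25519MLKEM768 hybrid group and report whether classical groups are still accepted.
# Host, port and CA file are assumptions; adjust them for your deployment.

# Return 0 if an "openssl version" string is 3.5 or newer, the first OpenSSL
# release that ships ML-KEM and the X25519MLKEM768 hybrid group.
openssl_has_mlkem() {
  ver=$(printf '%s' "$1" | sed -n 's/^OpenSSL \([0-9]*\)\.\([0-9]*\).*/\1 \2/p')
  [ -n "$ver" ] || return 1
  set -- $ver   # $1 = major, $2 = minor (word splitting intended)
  if [ "$1" -gt 3 ] || { [ "$1" -eq 3 ] && [ "$2" -ge 5 ]; }; then
    return 0
  fi
  return 1
}

# Print the negotiated TLS 1.3 group found in an s_client transcript read from
# stdin, or "none" when no such line exists (the handshake did not complete).
group_from_transcript() {
  sed -n 's/^Negotiated TLS1\.3 group: //p' | head -n 1 | grep . || echo none
}

# Run s_client against host:port offering only the given group list and print
# the negotiated group (or "none"). The CA file is optional.
probe() {
  host=$1; port=$2; groups=$3; cafile=$4
  set -- openssl s_client -connect "$host:$port" -groups "$groups"
  [ -n "$cafile" ] && set -- "$@" -CAfile "$cafile"
  "$@" </dev/null 2>&1 | group_from_transcript
}

# Positive check: the hybrid group must be negotiated.
# Negative check: a classical-only client tells you whether fallback is still allowed.
main() {
  host=$1; port=$2; cafile=$3
  if ! openssl_has_mlkem "$(openssl version 2>/dev/null)"; then
    echo "client OpenSSL is older than 3.5; it cannot offer X25519MLKEM768" >&2
    return 2
  fi
  pq=$(probe "$host" "$port" X25519MLKEM768 "$cafile")
  echo "hybrid probe negotiated: $pq"
  if [ "$pq" != X25519MLKEM768 ]; then
    echo "FAIL: server did not negotiate X25519MLKEM768" >&2
    return 1
  fi
  classical=$(probe "$host" "$port" X25519 "$cafile")
  echo "classical-only probe negotiated: $classical"
  case $classical in
    none) echo "server refuses classical groups: post-quantum-only policy is in effect" ;;
    *)    echo "server still accepts $classical: fallback for non-PQ clients is allowed" ;;
  esac
}

# Usage (assumed variable names):
#   NEO4J_HOST=localhost NEO4J_PORT=7687 NEO4J_CA=/path/to/self_signed.pem sh pq_probe.sh
if [ -n "${NEO4J_HOST:-}" ]; then
  main "$NEO4J_HOST" "${NEO4J_PORT:-7687}" "${NEO4J_CA:-}"
fi
```

Run it once before and once after applying the Groups restriction: before, the classical-only probe reports X25519 (fallback allowed); after, it reports none, which is the only state in which every Bolt client is guaranteed post-quantum protection.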

Limitation

Currently, only Bolt supports post-quantum hybrid key exchange, via the OpenSSL provider. Post-quantum hybrid key exchange for other interfaces that rely on the native Java cryptographic libraries, such as the HTTP server, is not yet supported, pending backporting of these features to the LTS versions of the JVM.