Quantum safe SFTP file transfers

The world of cybersecurity is evolving and so are the threats. With the rise of quantum computing on the horizon, it's no longer enough to rely solely on traditional cryptography to keep sensitive data safe. That’s why we’re proud to share that support for Post-Quantum Traditional Hybrid Key Exchange (PQ/T Hybrid KEX) is available in SFTPGo.

In my role as maintainer of the golang.org/x/crypto/ssh library for the Go project, I contributed support for ML-KEM (formerly Kyber), a leading post-quantum key exchange algorithm that is in the final stages of standardization by NIST.

This upgrade ensures that your file transfers remain secure not only today but well into the quantum future.

Of course, this addition benefits not only SFTPGo, but the entire Go ecosystem, including even competitors building similar products with the Go programming language.

We don’t wait for others to do the heavy lifting. We actively contribute to the ecosystem and push innovation forward, so our users can rely on a solution that’s always ahead of the curve.

Why It Matters

While large-scale quantum computers capable of breaking modern encryption are not yet available, the threat is already real. Adversaries can record encrypted data today and decrypt it later once they have quantum capabilities: a tactic known as "harvest now, decrypt later."

With PQ/T Hybrid KEX, you’re protected from that future risk today.

Key Benefits:

  • Quantum-Safe Security: Defends against both classical and quantum attacks.
  • Backward Compatibility: Works seamlessly with existing cryptographic infrastructure.
  • Future-Proof Transfers: Protects data you’re exchanging now from being decrypted in the future.

How It Works in SFTPGo

SFTPGo includes seamless support for Post-Quantum Traditional Hybrid Key Exchange through the algorithm mlkem768x25519-sha256.

This hybrid KEX method combines ML-KEM 768 (formerly Kyber) with the well-established X25519 algorithm. The key derivation process uses both algorithms and securely combines the results using SHA-256. The result is a session key that is secure against both classical and quantum adversaries. Source code.
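The combination described above, reproduced with Go's standard library as an added example (not code from SFTPGo or golang.org/x/crypto/ssh). It assumes Go 1.24 or later for crypto/mlkem, and takes the message layout (ML-KEM part first, X25519 key second) and K = SHA-256(K_PQ || K_CL) from the IETF draft for this method; the names hybridK and exchange are illustrative. It stops at the shared secret K and leaves out the SSH exchange hash and session-key derivation.

```go
package main

import (
	"crypto/ecdh"
	"crypto/mlkem"
	"crypto/rand"
	"crypto/sha256"
	"errors"
	"fmt"
)

// hybridK runs X25519 against the peer's raw public key and mixes in K_PQ.
func hybridK(kPQ []byte, priv *ecdh.PrivateKey, peerPub []byte) ([]byte, error) {
	peer, err := ecdh.X25519().NewPublicKey(peerPub)
	if err != nil {
		return nil, err
	}
	kCL, err := priv.ECDH(peer) // errors on an all-zero result (low-order point)
	if err != nil {
		return nil, err
	}
	k := sha256.Sum256(append(append([]byte{}, kPQ...), kCL...)) // SHA-256(K_PQ || K_CL)
	return k[:], nil
}

// exchange plays both roles in memory; each message is ML-KEM part || X25519 key.
func exchange() (clientK, serverK []byte, err error) {
	dk, e1 := mlkem.GenerateKey768()                 // client ML-KEM-768 key pair
	cx, e2 := ecdh.X25519().GenerateKey(rand.Reader) // client X25519 key pair
	sx, e3 := ecdh.X25519().GenerateKey(rand.Reader) // server X25519 key pair
	if err = errors.Join(e1, e2, e3); err != nil {
		return nil, nil, err
	}
	cInit := append(dk.EncapsulationKey().Bytes(), cx.PublicKey().Bytes()...) // C_INIT
	ek, err := mlkem.NewEncapsulationKey768(cInit[:mlkem.EncapsulationKeySize768])
	if err != nil {
		return nil, nil, err
	}
	kPQ, ct := ek.Encapsulate() // server: fresh K_PQ plus ciphertext for the client
	if serverK, err = hybridK(kPQ, sx, cInit[mlkem.EncapsulationKeySize768:]); err != nil {
		return nil, nil, err
	}
	sReply := append(ct, sx.PublicKey().Bytes()...) // S_REPLY
	if kPQ, err = dk.Decapsulate(sReply[:mlkem.CiphertextSize768]); err == nil {
		clientK, err = hybridK(kPQ, cx, sReply[mlkem.CiphertextSize768:])
	}
	return clientK, serverK, err
}

func main() { fmt.Println(exchange()) }
```

Because K hashes both secrets, an attacker has to recover the ML-KEM secret and the X25519 secret to learn it; breaking only one of the two is not enough.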

Key Highlights:

  • Enabled by default: No configuration changes are needed. If both client and server support it, the hybrid KEX will be used automatically.
  • Fully interoperable: Clients that don't yet support post-quantum algorithms like mlkem768x25519-sha256 will continue to work as expected using standard key exchange algorithms, ensuring a smooth and backward-compatible experience.
  • Works with modern SFTP clients: The mlkem768x25519-sha256 key exchange interoperates with modern SFTP clients, such as recent versions of OpenSSH (9.9+), for a seamless integration experience. With clients like OpenSSH, which enable and prioritize ML-KEM by default for enhanced security, the post-quantum key exchange will be automatically used.

Get Started

Post-Quantum Traditional Hybrid Key Exchange has been available in our SaaS offerings and Limited Availability Enterprise edition, accessible to Enterprise customers, since April 22, 2025. It will also be included in the upcoming release of the Open-Source edition, reflecting our continued commitment to the open-source community, even as active development increasingly focuses on the Enterprise edition.

Whether on-premise, in the cloud, or in a hybrid setup, SFTPGo keeps your file transfers secure and your data protected.

Nicola Murino