Because of Grover's algorithm but also mostly because I was bored, I was curious if I could use only 256 bit ciphers on TLS1.3 on dustri.org.
TLS1.3 sucks way less than its predecessors for a myriad of reasons,
the main one being that it got rid of a metric fuckton of legacy stuff,
allowing OpenSSL to only implement 5 ciphersuites,
with only 3 enabled by default:
So the problem boils down to "how do I disable
Because people tend to not read documentation, old cipher strings may have inadvertently disabled TLS1.3 ciphers, causing issues. This is why OpenSSL split the configuration mechanisms for TLS1.3 and TLS<1.3 in 2018.
Unfortunately, the nginx developers aren't happy with this,
calling it a band-aid, so they didn't bother making use of the new API,
meaning that it's impossible to tweak TLS1.3 ciphers on nginx with OpenSSL
allowing to directly set OpenSSL configuration
ciphersuites one for TLS1.3 ciphersuites,
not to be confused with
cipher for TLS1.2 and below.
Anyway, just slap
ssl_conf_command Ciphersuites TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256;
in your nginx configuration, and enjoy post-quantum ciphers for TLS1.3!
Apart from bragging rights, this change is pretty useless, since:
- the key-exchange and the authentication aren't post-quantum
- the increased safety margin for multi-user setting is irrelevant thanks to TLS1.3's randomized nonces.
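
To see the split between the two configuration mechanisms for yourself, here is an added example (not from the original post) using Python's `ssl` module, whose `set_ciphers()` drives the legacy cipher string. It assumes a Python linked against OpenSSL 1.1.1 or later; `split_by_protocol` and `legacy_string_effect` are names made up for this sketch.

```python
import ssl


def split_by_protocol(ctx):
    """Split the context's enabled suites into (TLS1.3, TLS1.2-and-below)."""
    tls13, legacy = [], []
    for suite in ctx.get_ciphers():
        (tls13 if suite["protocol"] == "TLSv1.3" else legacy).append(suite)
    return tls13, legacy


def legacy_string_effect(cipher_string="AES256"):
    """Apply a legacy cipher string and report what it changed per protocol."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_SERVER)
    before13, _ = split_by_protocol(ctx)
    # set_ciphers() feeds the old cipher-string mechanism (TLS1.2 and below).
    ctx.set_ciphers(cipher_string)
    after13, legacy = split_by_protocol(ctx)
    return {
        # TLS1.3 suites enabled before and after the legacy string was applied
        "tls13_before": sorted(s["name"] for s in before13),
        "tls13_after": sorted(s["name"] for s in after13),
        # TLS1.3 suites that are still below 256 bits afterwards
        "tls13_below_256": sorted(
            s["name"] for s in after13 if s["strength_bits"] < 256
        ),
        # Weakest suite left for TLS1.2 and below
        "legacy_min_bits": min(s["strength_bits"] for s in legacy),
    }


if __name__ == "__main__":
    for key, value in legacy_string_effect().items():
        print(f"{key}: {value}")
```

The TLS1.2-and-below list shrinks to 256 bit suites while the TLS1.3 list comes back unchanged, which is why the `Ciphersuites` command is needed on the nginx side.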