Today, the security of the world's digital infrastructure relies on traditional public-key based cryptographic algorithms such as RSA, and Diffie-Hellman and its elliptic curve variants. However, there's a looming threat on the horizon predicted to eventually break these algorithms: Quantum Computers.

In this session, we'll show how the Java Platform is preparing for this paradigm shift in security by adding support for Post-Quantum Cryptography (PQC), which are algorithms designed to be secure against quantum computer attacks. Come to this session to learn about the PQC-related features we've already delivered and what we're working on for JDK 27 and beyond.

Presented by Sean Mullan (Java Platform Group - Oracle) at JavaOne 2026 (CA, March 2026).

All JavaOne 2026 talks ➤ https://www.youtube.com/playlist?list=PLX8CzqL3ArzUMVSzm-z_-if8BIB55EGl4

Resources:

- JEP 452: Key Encapsulation Mechanism API ➠ https://openjdk.org/jeps/452
- JEP 496: Quantum-Resistant Module-Lattice-Based Key Encapsulation Mechanisn ➠ https://openjdk.org/jeps/496
- JEP 497: Quantum-Resistant Module-Lattice-Based Digital Signature Algorithm ➠ https://openjdk.org/jeps/497
- JEP 510: Key Derivation Function API ➠ https://openjdk.org/jeps/510
- JEP 527: Post-Quantum Hybrid Key Exchange for TLS 1.3 ➠ https://openjdk.org/jeps/527
- JEP draft: Argon2 Password Hashing Algorithm ➠ https://openjdk.org/jeps/8377081
- OpenJDK Security Group ➠ https://openjdk.org/groups/security/
- Mailing List ➠ https://mail.openjdk.org/mail/lists/security-dev.openjdk.org/
- Security Developer’s Guide ➠ https://docs.oracle.com/en/java/javase/25/security/java-security-overview1.html
- Follow the Java Cryptographic Roadmap ➠ https://www.java.com/en/jre-jdk-cryptoroadmap.html
- Secure Coding Guidelines for Java ➠ https://www.oracle.com/java/technologies/javase/seccodeguide.html
- Sean's Blog ➠ https://seanjmullan.org/blog/
- More on Security ➠ https://inside.java/tag/security

Tags: #Java #JavaOne #Security #quantumcomputing #OpenJDK 

LRN1432 19 AUDI

Java (Official Oracle)

A conference talk by Oracle's OpenJDK Security Group Lead covering Java's roadmap for post-quantum cryptography (PQC). It explains why quantum computers threaten current asymmetric cryptography via Shor's algorithm, the 'harvest now, decrypt later' risk, and NIST's standardization of PQC algorithms (ML-KEM, ML-DSA, SLH-DSA). The talk details Java platform enhancements across JDK 21–27: new KEM and KDF APIs, HSS/LMS and ML-KEM/ML-DSA implementations, jarsigner support for PQC signatures, HPKE in JDK 26, and post-quantum hybrid key exchange for TLS 1.3 arriving in JDK 27 with zero code changes required. Code examples demonstrate ML-KEM key exchange, keytool certificate generation, and HKDF key derivation. Future work includes Argon2, certificate compression, PEM API finalization, and Jlink security plugins.

Java and Post-Quantum Cryptography