Quantum computing has entered a fast development track since Shor's algorithm was proposed in 1994. Multi-cloud services of quantum computing farms are currently available. One of them, IBM Quantum Computing, presented a road map showing that their Kookaburra system, with over 4158 qubits, will be available in 2025. For the standardization of Post-Quantum Cryptography (PQC), the National Institute of Standards and Technology (NIST) recently announced the first candidates for standardization: one algorithm for key encapsulation mechanism (KEM), Kyber, and three algorithms for digital signatures. NIST has also issued a new call for quantum-safe digital signature algorithms, due June 1, 2023. This timeline shows that a FIPS-certified quantum-safe TLS protocol will predictably take a long time. However, the "steal now, crack later" tactic requires protecting data against future quantum threat actors today. NIST recommended the use of a hybrid mode of TLS 1.3 with its extensions to support PQC. The hybrid mode works for certain cases, but FIPS certification for the hybridized cryptomodule might still be required. This paper proposes a nested mode to enable the TLS 1.3 protocol with quantum-safe data, which can be made available today and is FIPS compliant. We discuss the performance impacts of the handshaking phase of the nested TLS 1.3 with PQC and of the symmetric encryption phase. The major performance impact of the nested mode is in the symmetric encryption of data with AES. To overcome this performance reduction, we suggest using quantum encryption with a quantum permutation pad for the data encryption, with a minor performance reduction of less than 10 percent.