https://community.cisco.com/t5/network-access-control/pqc-support/m-p/5544485#M600207 <P>With NIST having finalized FIPS 203 (ML-KEM), 204 (ML-DSA), and 205 (SLH-DSA) in August 2024, we're starting to evaluate our NAC infrastructure for post-quantum readiness and wanted to get some clarity on where ISE currently stands.</P><P>I know ISE 3.3 introduced TLS 1.3 for the Admin GUI, and ISE 3.4 extended TLS 1.3 support to EAP-TLS and TEAP-TLS — which is a meaningful step since TLS 1.3 is a prerequisite for any PQC key exchange. What I'm trying to understand is whether ISE has gone further than just enabling TLS 1.3.</P><P>Specifically:</P><P>1. Does ISE 3.4 or 3.5 support any PQC key exchange mechanisms (KEMs) such as ML-KEM within EAP-TLS or TEAP-TLS sessions? Even a hybrid mode like X25519MLKEM768 (the group now default in Chrome and supported in most modern browsers) would count.</P><P>2. Is there any "PQC Ready" or "hybrid" cipher suite language in the ISE roadmap or release documentation that I may have missed? I'm specifically looking for references to KEM algorithms or hybrid TLS groups like X25519MLKEM768 in the context of EAP or RADSec.</P><P>3. For RADSec, ISE running TLS 1.3 on the RADIUS-over-TLS channel — is there any plan or existing support for PQC cipher groups on that channel?</P><P>Context: TLS 1.3 support on the AAA plane is the necessary first step, but the actual quantum vulnerability is in the key exchange, not the TLS version itself. AES-GCM bulk encryption is already quantum-resistant; it's the asymmetric key exchange (ECDH, RSA) negotiated during the TLS handshake that is exposed to harvest-now-decrypt-later attacks. So the question is specifically about whether ISE can negotiate ML-KEM or hybrid KEM groups during the EAP tunnel setup.</P><P>Any input from folks who have dug into the ISE 3.5 security settings or seen anything in the roadmap would be appreciated. TAC references or release note pointers welcome.</P> Fri, 10 Apr 2026 00:34:26 GMT ProjectAdmin9535 2026-04-10T00:34:26Z https://community.cisco.com/t5/network-access-control/pqc-support/m-p/5544485#M600207 <P>With NIST having finalized FIPS 203 (ML-KEM), 204 (ML-DSA), and 205 (SLH-DSA) in August 2024, we're starting to evaluate our NAC infrastructure for post-quantum readiness and wanted to get some clarity on where ISE currently stands.</P><P>I know ISE 3.3 introduced TLS 1.3 for the Admin GUI, and ISE 3.4 extended TLS 1.3 support to EAP-TLS and TEAP-TLS — which is a meaningful step since TLS 1.3 is a prerequisite for any PQC key exchange. What I'm trying to understand is whether ISE has gone further than just enabling TLS 1.3.</P><P>Specifically:</P><P>1. Does ISE 3.4 or 3.5 support any PQC key exchange mechanisms (KEMs) such as ML-KEM within EAP-TLS or TEAP-TLS sessions? Even a hybrid mode like X25519MLKEM768 (the group now default in Chrome and supported in most modern browsers) would count.</P><P>2. Is there any "PQC Ready" or "hybrid" cipher suite language in the ISE roadmap or release documentation that I may have missed? I'm specifically looking for references to KEM algorithms or hybrid TLS groups like X25519MLKEM768 in the context of EAP or RADSec.</P><P>3. For RADSec, ISE running TLS 1.3 on the RADIUS-over-TLS channel — is there any plan or existing support for PQC cipher groups on that channel?</P><P>Context: TLS 1.3 support on the AAA plane is the necessary first step, but the actual quantum vulnerability is in the key exchange, not the TLS version itself. AES-GCM bulk encryption is already quantum-resistant; it's the asymmetric key exchange (ECDH, RSA) negotiated during the TLS handshake that is exposed to harvest-now-decrypt-later attacks. So the question is specifically about whether ISE can negotiate ML-KEM or hybrid KEM groups during the EAP tunnel setup.</P><P>Any input from folks who have dug into the ISE 3.5 security settings or seen anything in the roadmap would be appreciated. TAC references or release note pointers welcome.</P> Fri, 10 Apr 2026 00:34:26 GMT https://community.cisco.com/t5/network-access-control/pqc-support/m-p/5544485#M600207 ProjectAdmin9535 2026-04-10T00:34:26Z https://community.cisco.com/t5/network-access-control/pqc-support/m-p/5544512#M600209 <P>1. All of the supported ciphers are documented in the Compatibility Guides for the various ISE versions.<BR /><A href="https://www.cisco.com/c/en/us/support/security/identity-services-engine/products-device-support-tables-list.html" target="_blank">https://www.cisco.com/c/en/us/support/security/identity-services-engine/products-device-support-tables-list.html</A></P><P>2. Roadmap is not discussed in this public forum. This is likely in the roadmap, but any commit or version info cannot be shared.</P><P>3. ISE does not support RADSec, it currently only supports RADIUS DTLS (UDP)</P> Fri, 10 Apr 2026 06:21:20 GMT https://community.cisco.com/t5/network-access-control/pqc-support/m-p/5544512#M600209 Greg Gibbs 2026-04-10T06:21:20Z