Key Exchange Method
Combined Elliptic-Curve and Post-Quantum 1 (CECPQ1)
The combined elliptic-curve and post-quantum 1
[286][287][288] is a post-quantum cryptography
[344][345] key exchange
[467] algorithm developed by Google, LLC
[54][55] to resist against quantum computing
[141] attacks. The Transport Layer Security
[164] combines X25519
[11], based on elliptic curve
[577][578] Curve25519
[219], and NewHope
[455][456][457][458] Elliptic-curve Diffie–Hellman
[490][491] algorithms. It provides forward secrecy
[135][136][137][138], and does protect past sessions against future compromises. If long-term secret keys or passwords are compromised, encrypted communications and sessions recorded in the past cannot be retrieved and decrypted.
Recommendations
Always prefer cipher suites with PFS property over the non-PFS ones. Note that performance considerations implies preferring Ephemeral Elliptic-curve Diffie–Hellman
[91][92] over Ephemeral Diffie-Hellman
[142][143][144][145]. Consider the fact that combined elliptic-curve and post-quantum 1
[286][287][288] was succeeded by combined elliptic-curve and post-quantum 2
[564][565].