Description of isogeny based cryptography and integration of SIKE into TLS has been published by Cloudflare their’s blog as part of Towards post-quantum cryptography in TLS post.

I’ve implemented SIKE both in C and Golang. The C version has been integrated into BoringSSL. This version of BoringSSL can be used in order to establish post-quantum key exchange with SIKE/p434. Example below shows how to use test program (bssl) in order to do it.

Configure server to listen on port :1443 and accept PQ, SIKE-based key exchanged called CECPQ2b:

Server Client
Server accepts CECPQ2b SIKE-based KEM
./bssl server -accept 1443 -curves CECPQ2b
                
Use CECPQ2b as key exchange
./bssl client -connect localhost:1443 -curves CECPQ2b
                
Connected.
  Version: TLSv1.3
  Resumed session: no
  Cipher: TLS_AES_256_GCM_SHA384
  ECDHE curve: CECPQ2b
  Secure renegotiation: yes
  Extended master secret: yes
  Next protocol negotiated: 
  ALPN protocol: 
  Early data: no
                
Connecting to [::1]:1443
Connected.
  Version: TLSv1.3
  Resumed session: no
  Cipher: TLS_AES_256_GCM_SHA384
  ECDHE curve: CECPQ2b
  Signature algorithm: ecdsa_secp256r1_sha256
  Secure renegotiation: yes
  Extended master secret: yes
  Next protocol negotiated: 
  ALPN protocol: 
  OCSP staple: no
  SCT list: no
  Early data: no
  Cert subject: C = US, O = BoringSSL
  Cert issuer: C = US, O = BoringSSL
                

I’ve also implemented SIKE in Golang and integrated it into library called CIRCL. It implements SIKE with multiple underlying fields. It has also been described on the Cloudflare’s blog here. It is great place for anyone who wants to start experimentating with post-quantum.