Java Development Kit (JDK) 27, scheduled for release in September, is already making headlines with its first proposed feature. The update aims to improve network security by introducing a new post-quantum hybrid key exchange capability. This is part of Java’s ongoing efforts to keep up with emerging threats and technological advances.

Introducing Post-Quantum Hybrid Key Exchange

The new feature, known as post-quantum hybrid key exchange for TLS 1.3, was announced on the OpenJDK page for JDK 27 in January. Its goal is to strengthen the security of Java applications that rely on network communications. The feature will implement hybrid key exchange algorithms that combine traditional cryptography with quantum-resistant algorithms.

By doing this, Java aims to defend against potential future attacks by quantum computers. These advanced computers could eventually break current cryptographic standards. The hybrid approach ensures security by using a mix of algorithms that are resistant to both classical and quantum threats. Applications using javax.net.ssl APIs will automatically benefit from these improvements without needing any code changes, according to the JDK Enhancement Proposal (JEP).

Details About the JDK 27 Release

JDK 27 will be a non-LTS (Long-Term Support) release, meaning it will receive six months of support. This is the same support window as JDK 26, which is expected to be released in March. In contrast, the current LTS release, JDK 25, will be supported for multiple years. This approach allows developers to test new features early while maintaining long-term stability with LTS versions.

Several potential features are already in the pipeline, some of which originated as preview features in JDK 26. These include PEM (privacy-enhanced mail) encodings for cryptographic objects, structured concurrency, lazy constants, and primitive types in patterns, instanceof, and switch statements. Another promising feature is the Vector API, which is currently in incubation in JDK 26.

Future Plans and Other Java Improvements

Oracle, the main steward of Java, recently shared plans for the future of the platform. They outlined intentions to work on features like value types, structured concurrency, and ahead-of-time (AOT) compilation. However, these features may not all arrive in 2026. They are part of Oracle’s broader vision to make Java more efficient and easier to use.

While some of these features are still in development, the focus on security with quantum-resistant algorithms marks a significant step forward. It shows Java’s commitment to staying ahead of evolving cybersecurity challenges. Developers and organizations should keep an eye on these updates to prepare for the changes coming with JDK 27.

Overall, Java 27 is shaping up to be an important release, especially in the area of network security. The move towards post-quantum cryptography reflects the platform’s proactive stance on future-proofing applications. As the release date approaches, more features and details are likely to be announced, promising a more secure Java environment for the years ahead.

Inspired by

• https://www.infoworld.com/article/4116320/java-27-gets-its-first-feature.html

Sources

• openjdk.org
• openjdk.org
• openjdk.org
• openjdk.org
• openjdk.org