No. Kubernetes uses classical TLS for API server, etcd, kubelet, and service mesh communication.
Key Takeaway: Kubernetes is NOT quantum safe. Deploy PQC-capable ingress controllers. Evaluate service mesh PQC support. Use QScout to scan Kubernetes TLS configurations.
Kubernetes is NOT quantum safe. The control plane relies on TLS for API server authentication, etcd encryption, kubelet communication, and service-to-service mTLS. All use classical RSA or ECDH key exchange. Kubernetes secrets are stored in etcd with AES-256-GCM (Grover-resistant), but TLS wrapping those secrets in transit is quantum-vulnerable.
| Full Name | Kubernetes Container Orchestration |
| Category | infrastructure |
| Quantum Vulnerability | TLS key exchange across all Kubernetes components uses RSA/ECDH (Shor-vulnerable). |
| NIST Status | No native PQC support in Kubernetes. CNSA 2.0 requires PQC by 2030. |
| Deprecation Timeline | Kubernetes TLS should transition to hybrid PQC by 2028-2030 |
| Replaced By | Pending Kubernetes/Istio PQC integration |
Deploy PQC-capable ingress controllers. Evaluate service mesh PQC support. Use QScout to scan Kubernetes TLS configurations.
QScout discovers every instance of Kubernetes across your infrastructure in 7 days — with zero operational disruption. 72-hour time to first findings.