Enhance the security of Java applications that require secure network communication by implementing hybrid key exchange algorithms for TLS 1.3. Such algorithms defend against future quantum computing attacks by combining a quantum-resistant algorithm with a traditional algorithm. Applications that use the javax.net.ssl APIs will benefit from these improved algorithms by default, without changes to existing code.

The following three new hybrid key exchange algorithms are supported: X25519MLKEM768, SecP256r1MLKEM768, and SecP384r1MLKEM1024. Only the X25519MLKEM768 hybrid key exchange algorithm is placed at the front of the default named groups list, making it the most preferred group.

For more details, see [JEP 527](https://openjdk.org/jeps/527).