Post-quantum cryptography, despite what the term suggests, is a rapidly growing area of interest and concern in the here and now. Entrust, a provider of identity security, payments, and data protection solutions, is the latest to demonstrate that fact, this week announcing four new PQC solutions to help companies boost their security efforts with quantum in mind.
Among the new offerings, the company’s Cryptographic Center of Excellence consulting portfolio, which provides actionable recommendations to remediate identified risks in crypto systems, is evolving to help organizations prepare to manage the challenges of PQC. Updates to the Crypto Agility Maturity Assessment will help organizations identify their readiness to manage the introduction of PQC algorithms and provide a roadmap to achieve the required level of crypto agility, the company said.
This capability for readiness assessment comes as the National Institute of Standards and Technology (NIST) has published a short-list of quantum-safe algorithms which will be resilient to these attacks–but which are still subject to industry and academic review. Entrust is looking to help prepare companies for the standards likely to result from this process, and its not the only one ramping up post-quantum preparation efforts. Earlier this week SoftBank announced a PQC technology verification project with Sandbox AQ, and there are numerous other examples.
Entrust also unveiled the nShield Post Quantum Cryptography Option Pack that provides a software development suite of cryptographic functions based on NIST’s short-listed algorithms running within a representative Entrust nShield Hardware Security Module (HSM) environment. This sandbox environment supports PQC operations like key generation, encrypt, decrypt, sign, verify and key exchange, and lets developers test PQC algorithms, invoke crypto operations via Java calls, and execute code within a secure test environment underpinned by a quantum safe root of trust, the company said.
Next up is Entrust’s pluggable Quantum Java Toolkit, which provides a way for organizations to integrate quantum safe algorithms into their digital certificate generation workflows. Available in beta release, it is being made available to organizations who want to start building secure applications with PQC, and supports composite certificate draft standards and traditional single algorithm certificates. Entrust developed this toolkit to support NIST PQC development, and is a Round 3 signature finalist in the NIST competition, the company said.
The fourth and final offering announced this week is PKIaaS for Post Quantum. In a PQC environment, Public Key Infrastructure (PKI) providers will need to issue hybrid or composite certificates combining classical and quantum safe algorithms, Entrust said. By providing cloud-based PKI as a Service, Entrust can provide customers with composite and pure quantum Certificate Authority hierarchies. PKIaaS is expected to be available to beta applicants next month.
All of these solutions address the need for companies to start conducting their due diligence about PQC. “Post-quantum computing is an inevitable threat to cybersecurity,” said Anudeep Parhar, Chief Information Officer at Entrust. “While it is unclear when exactly the post-quantum threat will become real, it is generally expected to occur within the decade. The migration to quantum-safe algorithms can take several years, so the time to prepare for post-quantum is now.”