Important News:SafeLogic's CryptoComply Achieves FIPS 140-3 Validation for 28 OEs and Receives Certificate #4781! Read the blog post!

 

 

What is Post-Quantum Cryptography?

 

SafeLogic Customers Can Now Test its PQC Algorithms and Capabilities via an Early Access Program


 

Quantum Computers Threaten to Break Public Key Infrastructure (PKI)

The RSA (Rivest-Shamir-Adelman) algorithm has been the asymmetric cryptography algorithm of choice for over 30 years. It is used in almost every aspect of computer security, including X.509 certificates, digital signatures and blockchain-based systems, logging, and identity and access management (IAM).

RSA and most other PKI schemes rely on the difficulty that classical computers have with factoring large integers, a problem that is expected to be substantially easier for quantum computers to solve, thus endangering the confidentiality of private encryption keys.

Progress in quantum computing has been steady, and Gartner* predicts that by 2029, quantum computing will be able to weaken existing systems to the point where security experts consider them unsafe to use cryptographically.

Many of the cryptographic products, protocols, and services used today will need to be updated, replaced, or significantly altered to employ quantum-resistant PQC algorithms to protect against this future threat.

* Gartner, Preparing for the Quantum World with Crypto-Agility, 9/2/22

PQC Lock

 

NIST is Leading the Search for Post-Quantum Cryptography (PQC) Algorithms That Are Resistant to Attacks from Quantum Computers

NIST PQC Standards News

 

 

  • The US National Institute of Standards and Technology (NIST) established a competition in 2017 to identify and standardize what is now called post-quantum cryptography

  • Post-quantum cryptography aims to develop systems that are secure against both quantum and classical computers yet can interoperate with existing communications networks and protocols

  • In August 2024, NIST announced the availability of three Post-Quantum Cryptography (PQC) algorithm standards: one key encapsulation mechanism, ML-KEM (Kyber) - FIPS 203, and two digital signature algorithms, ML-DSA (Dilithium) - FIPS 204 and SLH-DSA (SPHINCS+) - FIPS 205

  • NIST also announced  changes to the CMVP program to allow these standard PQC algorithms to be incorporated into FIPS 140-3

Speak with a SafeLogic Cryptography Expert

SafeLogic Has Taken a Leadership Position in PQC Migration

SafeLogic has been working closely with NIST as a member of its National Cybersecurity Center of Excellence (NCCoE) PQC Migration project along with organizations such as Cisco, Microsoft, Google and IBM.

SafeLogic CEO Evgeny Gervis leads the PQC Migration Risk Management and Prioritization workstream for the project and attended a recent White House conference with the Federal CIO and CISO.

SafeLogic launched a PQC Provider Early Access Program at the RSA Conference 2024 so customers can start testing and experimenting with PQC algorithms and capabilities.

Contact SafeLogic

Quantum Readiness

 

SafeLogic’s Post-Quantum Cryptography Solutions Offer Important Capabilities to Organizations Migrating to PQC

SafeLogic PQC Solutions

 

PQC algorithms CRYSTALS-KYBER, CRYSTALS-Dilithium, FALCON, SPHINCS+, LMS, and XMSS are now available for customer testing. SafeLogic expects to incorporate these into its FIPS 140 validated CryptoComply software once NIST completes the standardization process and doing so becomes possible.

SafeLogic takes a unique approach to cryptographic asset discovery by providing real-time operational information for when quantum-vulnerable cryptography is being used. This information can greatly help organizations with their cryptographic inventories and migration prioritization decisions.

SafeLogic’s approach to cryptoagility builds on CryptoComply’s provider architecture to reduce the effort required for future cryptography migrations.

SafeLogic’s approach to hybrid mode allows organizations to safely wrap classical FIPS 140-2 or FIPS 140-3 validated encryption in PQC to protect valuable data from “harvest now, decrypt later” attacks while maintaining FIPS compliance and providing defense in depth.

Learn About SafeLogic's PQC Early Access Program

SafeLogic’s PQC Solutions Offer Several Distinct Advantages

  1. Field-Proven Validated Cryptographic Implementations:  SafeLogic’s CryptoComply cryptographic software modules have been used in the field for over a decade.  SafeLogic’s implementations have achieved FIPS 140 validation status following rigorous testing and review by certified laboratories and NIST.  Once they have been fully standardized, SafeLogic plans to add PQC algorithms to its FIPS 140-3 validated modules.
  1. Extensive Environment Coverage with Maximum Compatibility. The use of cryptography is ubiquitous across the digital ecosystem, and comprehensive cryptographic software solution providers must be able to cover the full gamut of environments in which cryptography is used. SafeLogic’s modules are available for more programming languages, operating systems, and technology stacks than any alternative.  SafeLogic customers use CryptoComply software modules anywhere from mobile and embedded environments to mainframes and everything in between. Also, SafeLogic’s modules are designed to serve as drop-in replacements for existing (e.g., open-source) cryptographic libraries.
  1. Commercial Grade Support: As always, SafeLogic’s cryptographic software modules come with an experienced support team ready to provide white-glove service to support its customers’ software and certification needs. SafeLogic can also consult with organizations to assist with their PQC migration planning.
  1. Support for CNSA 2.0: SafeLogic’s modules support the CNSA 2.0 suite of algorithms, a set of standards that commercial solutions must meet if they are to be used in classified environments. 
  1. Memory Safety: SafeLogic is offering increasingly growing support for cryptographic algorithm implementations in memory-safe languages. It is widely known that using memory-safe languages can eliminate whole categories of security issues. A recent White House memorandum has called on the industry to adopt memory-safe languages to the greatest degree possible.

As organizations prepare for PQC migration, the largest migration in the history of cryptography, the dimensions above will be key to meeting their needs in a comprehensive fashion. 

Want to know more about how SafeLogic can help with your post-quantum cryptography strategy? Speak with one of our experts!