Entrust secures against quantum threats with latest offerings
Entrust, a provider of trusted identities, payments and data protection solutions, has announced four new solutions aimed at helping organisations prepare for the security challenges and opportunities presented by quantum computers.
Advances in quantum computing threaten the integrity of traditional asymmetric encryption algorithms, with the potential to empower brute force attacks that will succeed in minutes rather than years, Entrust states.
Post quantum (PQ) cryptography is the development of new cryptographic approaches that can be implemented using today's computers but will be impervious to attacks from tomorrow's quantum ones.
The National Institute of Standards and Technology (NIST) has published a short-list of PQ safe algorithms which will be resilient to these attacks.
Although these algorithms are undergoing review from academics and industry, security-conscious organisations need to start work now in order to be fully prepared for a post quantum future, Entrust states. This includes carrying out due diligence by investigating the adoption of the short-listed algorithms in their cryptographic ecosystem.
To help organisations start preparing for this future now, Entrust is making available four new products designed to help organisations to assess their cryptographic stance and integrate quantum resistant algorithms into their encryption workflows and services.
The new offerings are: the Cryptographic Centre of Excellence now supporting PQ preparedness, the Entrust nShield Post Quantum Cryptography Option Pack, the Quantum Java Toolkit. and PKIaaS for Post Quantum.
The Entrust Cryptographic Centre of Excellence consulting portfolio which provides actionable recommendations to remediate identified risks in crypto systems is evolving to help organisations prepare to manage the challenges of PQ, the company states.
The upcoming updates to the Crypto Agility Maturity Assessment is designed to help organisations identify their readiness to manage the introduction of PQ algorithms and provide a roadmap to achieve the required level of crypto agility.
For customers looking to evaluate the use of NIST PQ shortlisted algorithms running within a representative Entrust nShield Hardware Security Module (HSM) environment, Entrust offers an advanced preview of a new option pack.
This pack provides a software development suite of cryptographic functions based on NIST PQ shortlisted algorithms, running within a representative Entrust nShield Hardware Security Module (HSM) environment.
This sandbox environment supports a range of PQ cryptographic operations including key generation, encrypt, decrypt, sign, verify and key exchange. It enables developers to test PQ algorithms, invoke crypto operations via Java calls and execute code within a secure test environment underpinned by a quantum safe root of trust.
Available as a beta release, the pluggable Quantum Java toolkit provides a way for organisations to integrate quantum safe algorithms into their digital certificate generation workflows. It is being made available to organisations who want to start building secure applications with PQ cryptography and supports composite certificate draft standards and traditional single algorithm certificates.
Entrust has developed this toolkit to support the NIST post quantum development and is a round 3 signature finalist in the NIST competition.
Finally, in a PQ environment, Public Key Infrastructure (PKI) providers will need to issue hybrid or composite certificates combining classical and quantum safe algorithms. By providing a cloud-based PKI as a Service offering, Entrust can provide customers with composite and pure quantum Certificate Authority hierarchies.
PQ via PKIaaS is expected to be available to applicants as a beta in April 2022 and will give organisations the ability to test multi-certificates or composite certificates with their applications, with the added benefit that these will be underpinned by Entrust nShield HSMs.
Entrust chief information officer Anudeep Parhar says, “Post quantum computing is an inevitable threat to cybersecurity. While it is unclear when exactly the post quantum threat will become real, it is generally expected to occur within the decade. The migration to quantum-safe algorithms can take several years, so the time to prepare for post quantum is now.
"Entrust is at the forefront of post quantum cryptography. We are participating members of the Internet Engineering Task Force (IETF), and we are also participants in the NIST PQ competition. Through growth initiatives and investment in solutions like those announced today, we are helping our customers today to prepare for tomorrow.