Commercial Firm Offering Quantum-Safe X.509 Digital Certificates, Lay Dormant Until Needed
This appears to be the first quantum-safe digital certificates we have seen. Well, the first ones we have seen that are available. Interesting spin Futurex (using ISARA technology), puts on the pitch: The certificates “can lay dormant until needed.” Because Quantum is Coming. Qubit.
Futurex Announces Post-Quantum Hybrid Certificate Authority Solution
Futurex embeds both conventional and quantum-safe certificates in a single container – quantum-safe algorithms can be turned on as needed
BULVERDE, Texas, February 20, 2020 — Futurex, a leader in hardened, enterprise-class data security solutions, today announced a post-quantum hybrid security solution to help enterprises, IoT device manufacturers, government agencies, and others more efficiently prepare for the advent of quantum computing. Futurex is the first company to deliver a post-quantum hybrid certificate authority offering that integrates certificate lifecycle management within a FIPS 140-2 Level 3-validated hardware security module (HSM).
In contrast to alternatives that require the use of separate certificates for conventional or quantum-safe algorithms, Futurex’s Key Management Enterprise Server (KMES) Series 3 embeds both conventional and quantum-safe algorithms within a single container. Under this hybrid approach, organizations can supply quantum-safe certificates to their devices that can lay dormant until needed. Until then, they can use conventional algorithms and continue operating without impact to their existing ecosystem. The hybrid solution incorporates quantum-safe cryptography and standardized X.509 digital certificate technology from ISARA Corporation, the world’s leading provider of quantum-safe and crypto-agile security.
Experts estimate that large-scale quantum computers are expected within the next seven to 10 years and will be capable of breaking most current public key encryption algorithms such as RSA, ECC, and Diffie-Hellman, rendering them useless. This is concerning for every organization whose security is underpinned by public key cryptography and particularly serious for long-lifespan IoT devices such as satellites, automobiles, and critical infrastructure components that rely on cryptography for code signing. It’s typically infeasible and costly to reissue new certificates to those devices, making the hybrid approach provided by Futurex’s KMES Series 3 the ideal solution to this problem.
“Organizations face a challenging and difficult road ahead to full quantum readiness,” said Ryan Smith, vice president, global business development at Futurex. “With our hybrid approach to key management servers and HSMs, we are demonstrating our commitment to helping our customers make a smooth and efficient transition to a post-quantum world.”
“Smart organizations understand the risk large-scale quantum computing poses to them and their customers’ privacy and security. They understand the importance of crypto-agility, as recommended by NIST, to help seamlessly migrate to new cryptographic algorithms,” said Scott Totzke, CEO and co-founder, ISARA. “We are pleased to be working with industry leaders and innovators, such as Futurex, to improve organizations’ crypto-agility. Because of this, organizations will be better prepared to make the switch to quantum-safe encryption well before quantum computers actually arrive.”
The FIPS 140-2 Level 3-validated KMES Series 3 is a versatile and secure solution for organizations charged with managing large volumes of keys, certificates, and other cryptographic objects. Whether it be key lifecycle management, certificate authority, public key infrastructure, vaultless tokenization, or data protection, Futurex’s KMES brings full spectrum key management into a single device.
Content may have been edited for style and clarity.