Cryptomathic, an acknowledged security software provider for advanced key management solutions with numerous innovations in cryptographic agility, and PQShield, a cybersecurity company specializing in quantum-resistant cryptographic solutions, have agreed a strategic alliance that will enable clients from various industries to transition to Post Quantum Cryptography (PQC) and comply with migration mandates from CNSA 2.0 and also implement the recently approved NIST algorithms.
With the CNSA 2.0 requirements and also with the recent release of FIPS 203, FIPS 204 and FIPS 205, which specify algorithms derived from CRYSTALS-Dilithium, CRYSTALS-KYBER and SPHINCS+, the migration to Post Quantum Cryptography (PQC) is now a reality for a many organizations. Organizations are faced with challenges when navigating the transition to PQC, as it impacts a wide range of use cases from signing of device firmware and secure boot, to network and application security, where meticulous management of the involved cryptographic keys and their life cycles through the transition is more important than ever. As organizations consider their options and estimate development efforts, this represents a unique opportunity to strengthen their cybersecurity.
Through the pioneering partnership between PQShield and Cryptomathic, we see a truly powerful technology that enables full support of all standardized PQC algorithms, such as stateful hash based signature schemes known as LMS and XMSS, in hardware and software. This also includes streamlined, user-friendly management of such keys with full support for automation workflows through state-of-the-art APIs supporting TLS 1.3 to protect against “harvest now, decrypt later” attacks. By taking advantage of the unique cryptographic services, organizations can experience full cryptographic agility, taking away a considerable burden for development and compliance teams alike.
Glen Leonhard, Director of Key Management at Cryptomathic, commented: “Cryptomathic has always worked with the best minds in the industry and our strategic alliance with PQShield – the global authority in PQC – will help address immediate needs for the industry which has now clear mandates to upgrade their root of trust including in particular for firmware and code signing to comply with CNSA and NIST.
“Cryptomathic is trusted across every high-risk sector – including banking, payments, healthcare and automotive manufacturing – to protect data from external threats and facilitate compliance. This new partnership means that when organizations choose Cryptomathic, they will also benefit from PQShield’s world-leading experience and expertise. Our customers can trust that their key management and digital signing solutions support crypto-agile practices, as well as being quantum-ready across all workloads or objects, on any cloud infrastructure or device.”
Johannes Lintzen, Business Development Director, Global, at PQShield, added: “When it comes to post-quantum computing, it’s vital that companies are able to differentiate between hype and genuine risk. As cryptography pioneers, PQShield and Cryptomathic have both delivered critical contributions to evolving high security solutions, including AES, ECC, and now post-quantum cryptography standards such as CRYSTAL-Kyber, CRYSTALS-Dilithium, SPHINCS+ and FALCON.
“Our world-class team of post-quantum cryptographers, engineers, and researchers is unmatched, dedicated to empowering organizations like Cryptomathic with the ultimate quantum-resistant solutions.”
