Entrust helps enterprises prepare for a post quantum security journey

Entrust has  made available four new products designed to help organisations to assess their cryptographic stance and integrate quantum resistant algorithms into their encryption workflows and services. The new offerings are:

Cryptographic of Excellence Expands to Support PQ Preparedness
The Entrust Cryptographic Health Check – which uses advanced crypto discovery tools to bring hidden and unknown crypto into view where it can be assessed and brought into compliance – is evolving to include PQ elements. The offering also prepares organizations for crypto-agility with compliance testing for a complete cryptographic inventory. It tests against current cryptography standards and is being expanded to cover more stringent quantum policies and determine what an organization’s current cryptographic estate looks like and plan for new architectures to support quantum safe certificates and keys.

Entrust nShield Post Quantum CodeSafe Option Pack
For organizations that are conducting preparatory PQ cryptography testing, Entrust offers a beta release of a new option pack that provides a software development suite of cryptographic functions based on NIST PQ shortlisted algorithms running within a representative Entrust nShield Hardware Security Module (HSM) environment. This sandbox environment supports a range of PQ cryptographic operations including key generation, encrypt, decrypt, sign, verify and key exchange. It enables developers to test PQ algorithms, invoke crypto operations via Java calls and execute code within a secure test environment underpinned by a quantum safe root of trust.

Quantum Java Toolkit
Available as a beta release, this pluggable Java toolkit provides a way for organizations to integrate quantum safe algorithms into their digital certificate generation workflows. It is being made available to organizations who want to start building secure applications with PQ cryptography and supports composite certificate draft standards and traditional single algorithm certificates. Entrust has developed this toolkit to support the National Institute of Standards and Technology (NIST) post quantum development and is a round 3 signature finalist in the NIST competition.

PKIaaS for Post Quantum
In a PQ environment, Public Key Infrastructure (PKI) providers will need to issue hybrid or composite certificates combining classical and quantum safe algorithms. By providing a hosted PKI as a Service offering, Entrust can provide customers with composite and pure quantum Certificate Authority hierarchies. This will give organization’s the ability to test multi-certificates or composite certificates with their applications, with the added benefit that these will be underpinned by Entrust nShield HSMs.

“Post-quantum computing is an inevitable threat to cybersecurity. While it is unclear when exactly the post-quantum threat will become real, it is generally expected to occur within the decade. The migration to quantum-safe algorithms can take several years, so the time to prepare for post-quantum is now,” said Anudeep Parhar, Chief Information Officer at Entrust. “Entrust is at the forefront of post-quantum cryptography. We are participating members of the Internet Engineering Task Force (IETF), and we are also participants in the NIST PQ competition. Through growth initiatives and investment in solutions those announced today, we are helping our customers today to prepare for tomorrow.”