Entrust Introduces First Commercially Available “Post Quantum Ready” PKI Platform

Entrust has announced the general availability of its Post-Quantum Ready PKI-as-a-Service (PKIaaS PQ) platform. With this launch, the company’s cloud-based PKI as a Service offering now can provide both composite and pure quantum-safe certificate authority hierarchies, enabling customers to test or implement quantum-safe scenarios and infrastructure. This makes it the first commercially available platform of its type.

“Although the quantum threat is up to a decade away, we know the transition to quantum-safe algorithms won’t be just another crypto refresh cycle. To prepare, we need to move today’s public key cryptographic systems from their current state to new quantum safe cryptographic algorithms. This transition will be more complex than anything we’ve done in the past and will touch just about every piece of digital infrastructure and data we rely on today. Organizations should be looking at their Post Quantum (PQ) migration strategy now and implementing the tools and technology needed to test and migrate to quantum-safe security,” said Greg Wetmore, Vice President, Software Development at Entrust.

Backed by more than 25 years of Entrust PKI expertise and innovation, Entrust PKIaaS is a cloud-native service that simplifies PKI enterprise implementation and administration with pre-built, turnkey certificate use cases, including WSTEP, ACME, SCEP, and a broad range of mobile device management (MDM) solutions. The Entrust PKIaaS architecture also makes it simple for customers to scale on-demand by reducing on-premise services, applications, and software. It is designed to seamlessly integrate into existing workflows and applications, providing visibility, control, and automation of the environment from a single pane of glass, together with public SSL/TLS management via the cloud platform.

The addition of post-quantum cryptography, based on the NIST PQ draft standard algorithms, allows customers to issue quantum safe certificates in minutes, using both composite and pure quantum certificate authority hierarchies. This approach aligns with recommendations from global cybersecurity agencies such as the BSI in Germany and ANSSI in France, which recommend organizations test both hybrid and composite certificates as well as those based on pure quantum-safe algorithms.

“Leading national cybersecurity agencies around the world are recommending a hybrid approach to the transition to quantum safe data protection, with the use of hybrid or composite certificates to ensure protection in the form of classic and quantum-resistant cryptographic algorithms. With this launch, Entrust can support this transition and provide rapid, and scalable certificate generation and management. This approach also enhances an organization’s wider Zero Trust implementation and maturity by protecting their sensitive data from the “harvest now, decrypt later” threat, and ensuring their digital security infrastructure remains secure once the quantum threat is realized,” added Wetmore.