ISARA Corporation, the leading provider of security solutions for the quantum computing age, and Utimaco Inc., a worldwide provider of cybersecurity solutions, announced today that they successfully ran quantum-safe hash, lattice and multivariate-based digital signature algorithms for a Hardware Security Module (HSM) in initial laboratory testing.
Utimaco, based in Germany, is a leading manufacturer of Hardware Security Modules (HSMs) that provide the root of trust to all industries, from financial services and payment to the automotive industry, cloud services to the public sector. HSMs help keep cryptographic keys and digital identities safe in order to protect critical digital infrastructures and high value data assets. Utimaco and ISARA are collaborating to help defend critical systems in the coming age of quantum computing.
"With the threat of quantum computers being able to break currently used public-key cryptography growing nearer and standards organizations, like the National Institute of Standards and Technology (NIST) and European Telecommunications Standards Institute (ETSI), working on creating new cryptographic standards, work on how these new schemes fit into existing protocols and systems needs to be done in parallel in order to ensure we are ready to mitigate the quantum threat in time,'' said Thorsten Groetker, Chief Technology Officer of Utimaco. ''In addition, it takes time and effort to ensure that hardware systems are able to run the new algorithms efficiently and that is why we are preparing Utimaco's CryptoServer line of products for the challenge ahead."
With immense computing power driven by quantum mechanics, quantum computing offers the potential for huge advancements in areas such as artificial intelligence and material design. But a quantum computer also will be capable of breaking the public key encryption standards that protect all of the data, software updates and technology we now safely store, share and use.
"Quantum computing will deliver amazing benefits and, in the wrong hands, could present serious threats,'' said Michael K. Brown, CTO of ISARA Corp. "All organizations with critical data need to begin preparing today by protecting information whose confidentiality must persist over time. We are excited to work with Utimaco on quantum-safe HSM solutions as it allows the IoT industry to ensure their product's roots of trust remain secure and over-the-air updates authentic."
At the core of secure devices is a root of trust, typically in the form of an embedded public key or digital certificate. These are embedded in all Internet-enabled devices, from computers to vehicles to industrial equipment. The software updates sent to these devices are digitally signed and these signatures can be verified by the receiving devices using the embedded roots of trust.
Updating roots of trust is an urgent problem. A part of solving that problem is getting the quantum-safe algorithms to work on a Hardware Security Module (HSM). This module keeps the private keys safe in a tamper-resistant hardware and sign data that is fed into it, without revealing the private key. While providing physical protection to the private key, these HSMs have limited memory and computing resources.
"While different threats posed by the arrival of a large-scale quantum computer have different urgency, we are particularly concerned about the roots of trust,'' said Alexander Truskovsky, ISARA's Senior Product Manager. "Internet-of-things devices will rely on over-the-air software updates. It is essential that we protect these devices from attack by quantum computers. HSM are essential to roots of trust and code signing."