Entrust launches Post-Quantum Ready PKI platform


Payments, identities, and data company Entrust has announced the launch of its Post-Quantum Ready PKI-as-a-Service (PKIaaS PQ) platform

Payments, identities, and data company Entrust has announced the launch of its Post-Quantum Ready PKI-as-a-Service (PKIaaS PQ) platform. With this addition, the company’s cloud-based PKI-as-a-Service offering can now provide both composite and pure quantum-safe certificate authority hierarchies, enabling customers to either test or implement quantum-safe scenarios and infrastructure, making it one of the first commercially available platforms of its kind.

Entrust’s Post-Quantum Ready PKI platform Backed by over 25 years of Entrust PKI expertise and innovation, Entrust PKIaaS is a cloud-native service that looks to simplify PKI enterprise implementation and administration with pre-built, turnkey certificate use cases, including WSTEP, ACME, SCEP, and an extensive array of mobile device management (MDM) solutions. Furthermore, the Entrust PKIaaS architecture simplifies how customers scale on-demand by reducing on-premises services, applications, and software. Designed to easily integrate into existing workflows and apps, it provides visibility, control, and automation of the environment from a single glass pane, together with public SSL/TLS management via the cloud platform.

Based on the NIST PQ draft standard algorithms, the addition of post-quantum cryptography enables customers to issue quantum-safe certificates in a matter of minutes, making use of both composite and pure quantum certificate authority hierarchies. This approach is in alignment with recommendations from global cybersecurity agencies such as the BSI in Germany and ANSSI in France, which propose organisations test both hybrid and composite certificates, as well as those based on pure quantum-safe algorithms. Commenting on the announcement, Entrust officials advised that although the quantum threat is up to a decade away, the transition to quantum-safe algorithms will be more than just a crypto refresh cycle, and to prepare, public key cryptographic systems should be moved from their current state to new quantum-safe cryptographic algorithms.

The transition is expected to be more complex than anything before and to touch each piece of digital infrastructure and data relied on presently. As such, organisations need to look at their Post-Quantum (PQ) migration strategy now and implement the tools and tech needed to test and migrate to quantum-safe security. More to this point, the spokesperson said that national cybersecurity agencies worldwide recommend a hybrid approach to the transition to quantum-safe data protection, using hybrid or composite certificates to ensure protection in the form of classic and quantum-resistant cryptographic algorithms.

With this launch, Entrust is enabled to support this transition and offer quick and scalable certificate generation and management, an approach that also enhances an organisation’s wider Zero Trust implementation and maturity by protecting sensitive data from the “harvest now, decrypt later” threat, and ensuring the digital infrastructure remains secure once the quantum threat is realised. .


Jan 11, 2024 10:43
Original link