Q-safe – Applying Quantum-Resistance to Applications and Use Cases
- Firmware extension module for installation on SecurityServer Se Gen2 series HSMs
- Applies quantum-resistance to a crypto infrastructure
- Includes a Software simulator for evaluation and integration testing
- Supports PQC algorithms recommended by NIST: CRYSTALS-KYBER, CRYSTALS-Dilithium, XMSS, and XMSS-MT
Q-safe – Adding Quantum-Resistance to Applications and Use Cases
Q-safe from UTIMACO is a future-proof firmware extension enabling organizations to prepare for the era of quantum computing - a serious threat to traditional cryptographic algorithms that has the potential to decimate the future security infrastructure of the digital economy.
By integrating post-quantum cryptography into business applications and IT infrastructures, Q-safe enables organizations to address this challenge immediately. Q-safe adds the extra layer of quantum-safe security to digital processes such as document signing or code signing, issuing of PQC or hybrid certificates for public key infrastructures (PKI), or key injection and chip personalization by executing quantum-safe crypto algorithms within the secure boundaries of the HSM.
The algorithms used by Q-safe are amongst the finalists of the ongoing NIST standardization process. Some of them have recently been endorsed by BSI (Federal Office for Information Security, Germany). These algorithms are the building blocks for quantum-safe infrastructures and for hybrid crypto schemes that will be deployed in a transition phase to defend against the threat to traditional asymmetric cryptography posed by the emergence of quantum computing.
Because the Q-safe firmware module is retrofittable, it can be easily added to the SecurityServer Se Gen2 series HSM firmware. It is also available as a simulator extension, which makes evaluation and integration testing of Q-safe with business applications simple.
- Application integration using PKCS #11 “Vendor Defined Mechanisms”
- Firmware module for in-field upgrade on your installed base of SecurityServer Se Gen2 series HSMs
- Library for upgrade of SecurityServer simulators, for evaluation, development, and integration testing
Support for various cryptographic algorithms
- Digital signature algorithms Dilithium, HSS, XMSS and XMSS-MT
- Key encapsulation algorithm Kyber
- Provision of a PQC Consultancy designed to support customers and partners in making the right choice of algorithms and developing a roadmap towards a quantum-safe IT security infrastructure
Secure backup and restore functionality
- Available for stateful schemes