The Post Quantum Cryptography extension for Utimaco Hardware Security Modules
Quantum Protect upgrades your Utimaco General Purpose HSM with proven and recommended post quantum cryptography algorithms for a secure transition into the quantum era.
- Includes a Software simulator for evaluation and integration testing
- Use lattice and hash-based cryptographic algorithms for encryption and digi-tal signatures
- Supports PQC algorithms recommended by NIST & BSI:
- CRYSTALS-KYBER, CRYSTALS-Dilithium, XMSS, XMSS-MT, LMS, and HSS
Product Type:
FirmwareSupported Platforms:
Key Benefits
Details
Quantum Protect – Adding Quantum-Resistance to Applications and Use Cases
Quantum Protect is the firmware extension for integrating post quantum cryp-tography into business applications and IT infrastructures.
By offering lattice and hash-based algorithms for both key encapsulation mechanisms and digital signatures it can be applied to a variety of use cases which are threatened by quantum computers such as document signing or code signing, issuing of certificates for public key infrastructures (PKI), or key injection and chip personalization by executing quantum-safe crypto algo-rithms within the secure boundaries of the HSM.
The algorithms supported by Quantum Protect are amongst the finalists of the ongoing NIST standardization process and have been endorsed by BSI (Feder-al Office for Information Security, Germany). These algorithms are the building blocks for quantum-safe infrastructures and for hybrid crypto schemes that will be deployed in a transition phase to defend against the threat to traditional asymmetric cryptography posed by the emergence of quantum computing.
Because Quantum Protect is retrofittable, it can be easily added to the u.trust General Purpose HSM Se-Series. It is also available as a simulator extension, which makes evaluation and integration testing of Post Quantum Cryptography algorithms with business applications simple.
Features
Support PQC algorithms recommended by NIST and BSI
- CRYSTALS-Dilithium (ML-DSA), LMS, HSS, XMSS and XMSS-MT for digital signatures
- CRYSTALS-KYBER (ML-KEM) for key encapsulation
Easy integration
- Application integration using PKCS #11 “Vendor Defined Mecha-nisms”
- Firmware module for in-field upgrade on your Hardware Security Module
- Simulator for evaluation, development, and integration testing
- Secure backup and restore functionality
- Available for stateful schemes