Entrust, an international pioneer in trusted payments, identities, and data, has unveiled its groundbreaking Post-Quantum Ready PKI-as-a-Service (PKIaaS PQ) platform. The company's innovative offering, which is reportedly the first of its kind commercially available, allows enterprises to transition to quantum-resistant certificates immediately, supplying both composite and pure quantum-safe certificate authority hierarchies.
The necessity for such a service arises from the looming quantum threat, believed to be up to ten years away. Even so, Greg Wetmore, Vice President, Software Development at Entrust, emphasises the need for early action. "We know the transition to quantum-safe algorithms won't be just another crypto refresh cycle."
Wetmore highlights the need for a proactive transition from current public key cryptographic systems to new quantum-safe cryptographic algorithms. This shift is anticipated to be highly intricate, impacting nearly every aspect of the digital infrastructure and the data it relies on. The complexity of this transition surpasses previous technological changes, requiring thorough preparation and comprehensive adjustments.
"To prepare, we need to move today's public key cryptographic systems from their current state to new quantum-safe cryptographic algorithms. This transition will be more complex than anything we've done in the past and will touch just about every piece of digital infrastructure and data we rely on today," says Wetmore.
The company's quantum readiness stems from its PKIaaS platform, aided by over 25 years of Entrust PKI expertise and innovation. The platform simplifies PKI enterprise implementation and administration with pre-built, turnkey certificate use cases. Entrust's PKIaaS architecture also enables customers to scale on-demand, integrating seamlessly into pre-existing workflows and applications to provide visibility, control, and automation of the environment.
This initiative falls in line with cybersecurity guidelines from authoritative global bodies like the BSI in Germany and ANSSI in France. These institutions advocate that organisations should test both hybrid and composite certificates, as well as those based on pure quantum-safe algorithms. Entrust's solution allows customers to issue quantum-safe certificates swiftly, taking into account both composite and pure quantum certificate authority hierarchies.
Entrust's innovative system mirrors the strategies recommended by national cybersecurity agencies worldwide. This involves a hybrid approach to transitioning to quantum-safe data protection, utilising composite certificates to maintain defence through traditional and quantum-resistant cryptographic algorithms.
Wetmore stated that Entrust's recent launch enables them to aid organisations in swiftly and efficiently generating and managing certificates. This initiative is designed to bolster an organisation's broader Zero Trust strategy, safeguarding sensitive data from potential threats like 'harvest now, decrypt later.' The goal is to ensure the ongoing security of digital infrastructure, particularly in the face of emerging quantum threats.
Wetmore added, "With this launch, Entrust can support this transition and provide rapid, and scalable certificate generation and management. This approach also enhances an organisation's wider Zero Trust implementation and maturity by protecting their sensitive data from the 'harvest now, decrypt later' threat, and ensuring their digital security infrastructure remains secure once the quantum threat is realised."