Insider Brief
- Sectigo has launched Sectigo PQC Labs, a collaboration with Crypto4A, to provide a quantum-safe platform that enables organizations to safely test, validate, and transition to postquantum cryptography (PQC).
- The platform addresses key quantum threats, including “Harvest Now, Decrypt Later” attacks and vulnerabilities in long-lived digital signatures, offering a secure environment for testing quantum-resistant cryptographic solutions.
- Built with NIST’s full postquantum standards and powered by Crypto4A’s quantum-safe Hardware Security Modules, Sectigo PQC Labs equips organizations with tools to prepare for the quantum era and enhance their overall security strategy.
PRESS RELEASE — Sectigo, a global leader in digital certificates and Certificate Lifecycle Management (CLM), today announced the launch of Sectigo PQC Labs, a platform collaboration with Crypto4A, the industry’s first provider of quantum-safe Hardware Security Modules (HSMs). Backed by the only HSM meeting NIST’s full postquantum standards, Sectigo PQC Labs addresses today’s urgent need for a quantum-safe, practical and scalable platform to test, validate and support an organization’s safe transition to quantum-resistant cryptography.
According to Gartner ®, “security and risk management leaders need to begin planning for their move to postquantum cryptography (PQC) now, due to the wide and deep impact of replacing cryptographically dependent systems.” Sectigo PQC Labs allows organizations to safely explore, test, validate and create postquantum cryptographic certificates now, for eventual use in their technology stacks. Doing so allows organizations to gather insights to devise mitigation plans against PQC’s two main threat scenarios of current concern:
(1) Harvest Now, Decrypt Later Attacks: In this scenario, attackers collect and store encrypted data today, aiming to decrypt it later once quantum computers break today’s cryptographic algorithms.
(2) Long-Lived Private Digital Signatures: These signatures are critical in systems such as public key infrastructures (PKI), IoT devices, legal contracts and medical records. They ensure authenticity and integrity over extended periods, often spanning into the quantum computing era. However, the longer the delay in adopting PQC signatures, the greater the vulnerability these long-lived digital signatures face, creating an expanding attack surface over time.
“Quantum threats represent a fundamental and existential risk to any organization wishing to safeguard valuable digital assets,” said Kevin Weiss, chief executive officer at Sectigo. “Sectigo PQC Labs is pioneering the industry as the first certificate testing environment backed by an industry-leading quantum-safe HSM. This cutting-edge capability empowers organizations to test their systems in a secure environment, equipping them with the confidence and foresight needed to seamlessly transition to a post-quantum era. By leveraging Sectigo PQC Labs, organizations can stay decisively ahead of the curve, fortifying their public key infrastructure (PKI) and enhancing their overall security architecture against the challenges of tomorrow.”
Crypto4A plays a key role in the sandbox’s quantum resilience by strengthening every link in the cryptographic chain. Crypto4A is the industry’s first provider of quantum-safe HSMs certified to generate, manage and store unpredictable and secure cryptographic keys, making it a pivotal component in delivering secure quantum-resistant key management.
“NIST recently stated its 2030 deadline to deprecate today’s cryptographic algorithms and banning them entirely by 2035, effectively making today’s encryption protocols nearly obsolete,” said Bruno Couillard, chief executive officer at Crypto4A. “As we integrate Crypto4A’s HSM with Sectigo’s PKI expertise, we are demonstrating our commitment now to deliver organizations a proactive and practical solution to future quantum threats.”
As the only sandbox built with NIST’s full postquantum standards, Sectigo PQC Labs sets the stage for organizations to adapt to an ever-evolving threat landscape, ensuring they remain secure and ahead of the quantum transition curve. Capabilities present in Sectigo PQC Labs include:
- A sandbox environment for safe testing of any PQC assets including issuing pure PQC certificates
- Educational and demonstration tools to educate users about PQC integration into existing PKI
- Ways to enhance an organization’s overall security strategy by embracing a quantum-readiness mindset
Organizations must prepare now for quantum threats with a holistic preparedness plan. Sectigo PQC Labs’ robust testing environment, paired with Sectigo’s QUANT (Quantum-resistant, Uncover, Assess, Navigate, Track) readiness strategy, represents a critical first step approach to prepare any organization for a quantum future.
