Home 5 Knowledge 5 Post Quantum Cryptography bei SwissPKI

Post Quantum Cryptography bei SwissPKI

SwissPKI’s commitment to innovation and security is exemplified by our adoption of Post-Quantum Cryptography. With PQC support, we are not just addressing current security needs but also anticipating future challenges. Trust SwissPKITM to keep your data safe in the quantum era.

Introducing Post-Quantum Cryptography (PQC) Support 

At SwissPKITM, we are committed to staying ahead of the curve in cybersecurity. As quantum computing continues to advance, traditional cryptographic methods face increasing vulnerabilities. To address this, we are excited to introduce Post-Quantum Cryptography (PQC) support for our product.

What is PQC? 

Post-Quantum Cryptography is a new class of cryptographic algorithms designed to be secure against the potential threats posed by quantum computers. Unlike classical cryptographic methods, PQC algorithms are built to withstand the immense computational power of quantum machines, ensuring the highest level of security for your data.

Why PQC Matters 

Quantum computers have the potential to break widely used cryptographic protocols, such as RSA and ECC, which are the backbone of current digital security. By integrating PQC support, SwissPKITM ensures that your sensitive information remains protected even in the quantum era. This proactive approach safeguards your data against future threats, providing peace of mind and robust security.

Key Benefits of PQC Support 

  • Enhanced Security: PQC algorithms offer superior protection against quantum attacks, ensuring your data remains secure.
  • Future-Proof: By adopting PQC, you are preparing for the future of cybersecurity, staying ahead of potential quantum threats.
  • Seamless Integration: Our PQC support is designed to integrate smoothly with existing systems, minimizing disruption and maximizing security.
 

 Technical Overview of Our PQC Integration

SwissPKITM‘s PQC integration includes full support for a range of NIST-selected algorithms, ensuring both cryptographic diversity and readiness for future standards. Specifically, we support the following:

  • Signature Algorithms
      • ML-DSA (Dilithium): ML-DSA-44, ML-DSA-65, ML-DSA-87
      • SLH-DSA (SPHINCS+)
      • SHA2 variants: SLH-DSA-SHA2-128s/f, 192s/f, 256s/f
      • SHAKE variants: SLH-DSA-SHAKE-128s/f, 192s/f, 256s/f
  • Encryption Algorithms
      • ML-KEM (Kyber): ML-KEM-512, ML-KEM-768, ML-KEM-1024
        These are used primarily for S/MIME encryption use cases.

Our implementation interoperates with OpenSSL 3.5, which officially includes support for post-quantum cryptographic algorithms—specifically ML-KEM, ML-DSA, and SLH-DSA.

  • Hardware-based: through Securosys HSM, provided the latest firmware is installed.
  • Software-based: allowing flexible deployments for development and testing.

While adoption of PQC is still evolving, especially among mainstream clients (e.g., common email clients do not yet support PQC S/MIME), SwissPKITM is architected for forward compatibility. As additional HSM vendors and client applications expand their support, SwissPKITM is fully prepared to integrate and extend PQC coverage accordingly.

Share This