Big News from NIST
2024-08-13
NIST (National Institute of Standards and Technology) has now announced the standardization of three post-quantum cryptography (PQC) algorithms:
- FIPS 203, ML-KEM (CRYSTALS-KYBER) for Public-Key Encryption/KEMs
- FIPS 204, ML-DSA (CRYSTALS-Dilithium) for Digital Signatures
- FIPS 205, SLH-DSA,(SPHINCS+) for Digital Signatures
Embracing the Future of Cryptography
Shout out to all the engineers pushing the boundaries of innovation! Let's champion crypto-agility in everything we create — ensuring algorithms, keys, device identities, and Roots of Trust are all updatable. Remember, this won't be the last time we need to manage migrations.
Keyfactor, with our open-source products EJBCA, SignServer, and Bouncy Castle, has been at the forefront of quantum readiness throughout the rounds of the NIST competition and candidate algorithms, allowing community users, customers, and partners to test and prepare for more than a year already. We are now excited to incorporate the approved algorithms across our PKI, certificate management, code signing, and cryptographic API solutions.
Start Now and Get Ready
We have prepared several resources to help you become familiar with post-quantum algorithms and strategies for getting ready:
Get Started tutorials with PQC Cryptography, PKI and Code Signing
- EJBCA in Practice: PQC PKI with Open-Source CA
- Quantum-Ready Code Signing with SignServer
- Bouncy Castle Tutorial videos
- KEYMASTER Session - It’s time to get to know the new guys on the street!
- Navigating the Quantum Readiness Journey -Securing Kubernetes with Quantum-Resistant Algorithms by Tomas Gustavsson at the Cloud Native Security Conference 2024
Keyfactor Community Tech Meetup 2024
Don’t miss our in-person event in September, featuring three presentations and one workshop dedicated to post-quantum readiness, implementation, and migration strategies. Engage with our subject matter experts and share experiences with peers in the industry. Read more about 2024 Keyfactor Community Tech Meetup 2024 and sign up:
Keyfactor PQC Lab
If you haven't already done so, be sure to bookmark the Keyfactor PQC Lab webpage. It offers the latest information, resources, and webinars to keep you updated and support you throughout your quantum readiness journey.
Preparing for Product Updates and Keyfactor Timeline
We are awaiting the final OIDs for the algorithms and will then release a new version of Bouncy Castle, followed by updates for EJBCA and SignServer, as well as other Keyfactor products. Our plan is to follow our standard release schedule. However, remember that nothing hinders you from starting today, as the final versions will only be an upgrade away.
Related resources
#KEYMASTER: The Future of PKI – When (and Why) to Transition Away from Microsoft PKI