MTG PQC Solutions
With our PQC portfolio, it is already possible to protect data against future decryption by quantum computers. For this purpose, existing MTG ERS® components have been extended with PQC algorithms.
There are a number of challenges and rules to consider when integrating PQC algorithms. PQC keys and signatures need more space, which can cause problems with constrained database schemas or source code (e.g., in Firefox or libraries). When selecting algorithms, systems should be able to adapt flexibly to current progress in the ongoing standardization processes. An often underestimated aspect is the holistic view of a PQC implementation project. When using PQC algorithms, it is crucial that the complete key management lifecycle is taken into account.
Against this background, hybrid schemes play an important role at MTG, so that classical as well as PQC schemes can be supported. Hybrid schemes combine the advantages of both worlds: on the one hand, the robustness of cryptographic methods that are in use and have been proven millions of times (e.g., RSA, ECC) and, on the other hand, the combined use of the new, post-quantum secure methods.
A key aspect of MTG's development processes is what is known as crypto-agility. This is the ability to add cryptographic algorithms to our products, and remove them again, with minimal effort and downtime. In the area of PQC, we currently rely on highly secure hash-based algorithms such as XMSS and SPHINCS+ for signature operations and code-based algorithms such as Classic McEliece for asymmetric public-key encryption and key exchange.
We always take into account the latest developments in the standardization processes and thus keep our ERS® solutions flexible and up-to-date.
PQC integration in customer application
In close cooperation with our customers, the integration of PQC into existing applications and protocols is implemented as part of a joint consulting project. For this purpose, we build on MTG's existing products that are already "PQC-ready", such as MTG CARA for PQC certificates.
Research & development
In the development of our PQC solutions and services, we cooperate closely with research institutions (e.g. Fraunhofer SIT and universities).
The PQC developments and findings were supported within the scope of two funding projects:
LOEWE 3 Project Use-A-PQClib
Within the LOEWE 3 project Use-A-PQClib, supported by the state of Hessen, MTG has integrated the PQC algorithms Classic McEliece and SPHINCS+ into today's common interfaces, protocols and libraries such as TLS, PKCS#11 and NSS. This made it possible to establish PQC-secure connections with the browser already today and to develop quantum-computer-resistant email encryption as well as signing. The project was successfully completed on December 31, 2020. The cooperation partner in the project was the University of Applied Sciences Darmstadt.
BMBF Project QuantumRISC
The BMBF-funded project QuantumRISC (Next Generation Cryptography for Embedded Systems) aims to investigate post-quantum cryptography methods for resource-limited embedded systems and to move them from theory to application. As a result of the project, PQC techniques will be optimized for low power consumption and low memory requirements while maintaining a high level of security.