Who needs PQC today?
Post-Quantum Cryptography (PQC) is the area of cryptography that deals with cryptographic principles and algorithms that are secure against attack by quantum computers. According to experts, commercial quantum computers are expected to be available by the end of the next decade.
This still seems far away. Against this background, it may seem reasonable for managers to wait for the completion of the NIST standardization procedures for PQC algorithms. However, this strategy entails risks, because PQC is already relevant today, especially for long-lasting products and critical infrastructures.
Applications that exchange data securely today using asymmetric encryption methods are especially affected. Encrypted data that is recorded today will be easily decrypted in the future with quantum computers. As a result, significant damage can be caused retrospectively.
A self-driving car that is developed and sold this decade is very likely to be exposed, unprotected, to new attack risks during its operational lifetime. As soon as long-lasting products and services "run into" the quantum computing era with today's common encryption methods, it is too late for companies to act in time.
For this reason, decision-makers from relevant industries need to take appropriate action today to protect against future threats from quantum computers. Affected industries include:
- Transportation (e.g. automotive industry, railroad operations, airports)
- Energy supply (e.g. power plant operation, grid operation)
- Public authorities (e.g. police, military, government, judiciary)
- Research & development (e.g. high-tech companies, government research institutions)
In particular, the industries listed above should waste no time in becoming quantum safe to protect themselves from potential quantum computing attacks at an early stage.
PQC-PKI Online Demo
Our open-access online PKI platform allows you to generate your own post-quantum and traditional certificates for testing purposes, free of charge.
More info about the online demo can be found here: MTG PQC-PKI Demo
MTG PQC Solutions
Protecting your data against future decryption with quantum computers is already possible today with our PQC portfolio. For this purpose, a new generation of MTG products has been developed that allows seamless integration of PQC algorithms.
PKI-Platform CARA (MTG CARA)
MTG CARA is a flexible, configurable, multi-tenant CA system for the generation and administration of certificates using traditional and post-quantum cryptography (PQC).
Key Management System (MTG KMS)
MTG KMS provides centralized, highly available management and encryption of traditional and PQC keys for various applications.
Hardware Security Modules (HSM)
Even in the age of PQC schemes, HSMs remain the backbone of the security infrastructure. MTG therefore supports PQC schemes in selected HSM models. This is achieved by integrating PQC algorithms into the desired HSM. The integration can also be carried out on existing HSMs that are in productive use today.
PQC integration in customer projects
In close cooperation with our customers, the integration of PQC in existing applications and protocols is implemented as part of a joint project. For this purpose, the existing products of MTG are used, which are already "PQC-ready", such as MTG CARA for PQC certificates and MTG PQC-TLS.
Use of hybrid methods
An important aspect of the successful integration of new PQC algorithms is the application of hybrid methods. In hybrid protocols, we can support both classical and PQC methods. Hybrid methods combine the advantages of both worlds: on the one hand, the robustness of cryptographic methods that are in operation and have been proven millions of times (e.g. RSA, ECC) and, on the other hand, the new, post-quantum secure methods used in combination with them.
PQC Standardization & Crypto Agility
The standardization of the PQC schemes is an essential step towards a more secure, reliable and widely used PQC. Leading institutions such as ETSI, ITU-T and NIST have already started various standardization processes, but the end results are not expected for some years to come. Until then, we rely on highly secure, hash-based algorithms like XMSS and SPHINCS+ for signing operations and code-based algorithms like Classic McEliece for asymmetric public key encryption and key exchange.
We always consider recent developments in our projects and keep our solutions "upgradeable". A central aspect of our development processes is Crypto Agility. This is the ability to add cryptographic algorithms to our products, and remove them again, with minimal effort and downtime.
Research & Development
When developing our PQC solutions and services, we cooperate regularly with other companies specialized in PQC (e.g. Isara) and also work closely with research institutions (e.g. Fraunhofer SIT and universities). We constantly monitor the developments of the NIST Competition to determine the future PQC schemes. This ensures that only recognized and tested PQC schemes are implemented in our products and projects.
Downloads & Links
MTG PQC Flyer
Classic McEliece Implementation with Low Memory Footprint
- A Scientific Paper (en)
MTG Post-Quantum Cryptography Whitepaper Website
PQC PKI Online Demo & Test certificates
Cybersecurity with a vision! Prof. Dr. Johannes Buchmann becomes member of the supervisory board of MTG.
Video Presentation of a Classic McEliece Implementation with Low Memory Footprint