Geneva, Switzerland – WISeKey International Holding Ltd, a global cybersecurity, Blockchain and IoT company, announced advances in its “post-quantum” strategy designed to support a new grade of future-proof PKI services.
WISeKey is developing a new range of trust services, that will take advantage of the latest developments in post-quantum encryption (PQE) to be applied in real-world applications of digital signatures and encryption using PKI and digital certificates, such as secure communication channels (TLS), enhanced Key Exchanges and email security (S/MIME). These services are currently based in standards that can be improved to be resilient to quantum attacks and offer backwards compatibility with existing counterparts. WISeKey implementation of PQE is done around the concept of “hybrid signatures” which combine in a single X.509 certificate a conventional signature with a second signature using a PQE algorithm. This approach ensures backwards compatibility and opens a new horizon of cybersecurity services.
Later this year, WISeKey plans to offer a first “root of trust” based in PQE algorithms promoted currently by the NIST as valid candidates, which will be the foundation of a new portfolio of trust services and secure several IoT projects on which WISeKey is already working.
Previously WISeKey provided updates on its progress in developing post-quantum resistant algorithms by establishing strategic R&D partnerships with MINES Saint-Etienne research institute. WISeKey’s R&D group has been working with several NIST’s candidates for the MS600X common criteria products, such as Crystals-Kyber and Crystals-Dilithium, aiming to develop a complete post-quantum cryptography toolbox to be combined with new PKI-related trust services delivered by WISeKey.
These post-quantum cryptography initiatives will play a key role in controlling vulnerability and other risks related to quantum computers technologies which when used by hackers can give them the ability to crack cryptography algorithms, corrupt cybersecurity and compromise global economy by undermining the security foundations of the current financial and governmental services. These initiatives have received tremendous support by many government entities around the world through the sponsoring of public/private R&D projects. In particular, WISeKey is active in key initiatives promoted by French Agency for Cybersecurity (ANSSI), and by the National Cybersecurity Centre of Excellence of the US NIST.
“WISeKey is, once more, demonstrating a clear focus on playing an active role shaping the future of the internet security. We have a solid approach in developing new products to implement post-quantum encryption technologies, and for this we will be dedicating all the necessary R&D resources,” says Carlos Moreira, founder and CEO of WISeKey.
WISeKey’s strategy to further expand its U.S. operations will also benefit from its recent collaboration with NIST for the NCCoE trusted IoT device network-layer onboarding and lifecycle management consortium project. Additional information on this consortium can be found at NCCoE. For this project, WISeKey is working with NIST to define recommended practices for performing trusted network-layer onboarding, which will aid in the implementation and use of trusted onboarding solutions for IoT devices at scale. The WISeKey contributions to the project will be trust services for credentials and secure semiconductors to keep the credentials secure. Specifically, WISeKey will offer INeS certificate management service (CMS) for issuing credentials and VaultIC secure semiconductors to provide tamperproof key storage and cryptographic acceleration.
Comment on this article below or via Twitter: @IoTNow_OR @jcIoTnow.
