Sectigo Unveils Post-Quantum Cryptography Platform That Supports NIST Requirements

Breaking RSA and other cryptography solutions may be possible with quantum computers, experts assert, because those computers can perform complex computations at incredible speeds.

Sectigo, a tech firm that supplies digital certificate management solutions, recently announced its new platform that can help organizations transition to “quantum-resistant cryptography,” the company said in a news release.

Quantum-proof cryptography, also known as post-quantum cryptography (PQC), focuses on protecting cryptographic methods from being compromised by future quantum computers, according to a post on the California Institute of Technology’s site.

For example, RSA is widely used cryptography to secure data transmissions. RSA uses a secure private key made with two large prime numbers created by an algorithm. “The product of those two numbers then is used, along with an exponent, to create the public key, also using an algorithm. Anyone can encrypt information using the public key, but once they have, the information can only be decrypted using the private key,” Caltech explained in its post.

“The encryption system relies on the fact that it is prohibitively time consuming and computationally intensive to factor the large integer in the public key to determine the two prime numbers that make up the private key,” the post further stated.

Breaking RSA and other cryptography solutions may be possible with quantum computers, experts assert, because those computers can perform complex computations at incredible speeds.

Scottsdale, Arizona-based Sectigo recently announced Sectigo PQC Labs, a platform created in collaboration with Crypto4A, a provider of quantum-safe hardware security modules (HSMs).

Sectigo PQC Labs is a sandbox testing platform built with the U.S. Department of Commerce’s National Institute of Standards and Technology (NIST) post-quantum standards, Sectigo said. The platform gives organizations the ability to test PQC assets, educate users about PQC integration into existing PKI, and issue pure PQC certificates.

Other PQC solutions exist like KeyFactor and SandboxAQ AQtive Guard. However, Sectigo says it is the first to offer a solution that meets NIST requirements.

NIST has set a deadline of the year 2035 for migrating to PQC across federal systems.

“Any digital system that uses existing public standards for public‑key cryptography, or that is planning to transition to such cryptography, could be vulnerable to an attack by a Cryptographically Relevant Quantum Computer (CRQC). To mitigate this risk, the United States must prioritize the timely and equitable transition of cryptographic systems to quantum-resistant cryptography, with the goal of mitigating as much of the quantum risk as is feasible by 2035,” the NIST stated in its report.

“Quantum threats represent a fundamental and existential risk to any organization wishing to safeguard valuable digital assets,” said Kevin Weiss, chief executive officer at Sectigo, said in a statement. “Sectigo PQC Labs is pioneering the industry as the first certificate testing environment backed by an industry-leading quantum-safe HSM. This cutting-edge capability empowers organizations to test their systems in a secure environment, equipping them with the confidence and foresight needed to seamlessly transition to a post-quantum era. By leveraging Sectigo PQC Labs, organizations can stay decisively ahead of the curve, fortifying their public key infrastructure (PKI) and enhancing their overall security architecture against the challenges of tomorrow."