Q-safe – Applying Quantum-Resistance to Applications and Use Cases

Key Benefits

Post Quantum Cryptography (PQC) Algorithms

PQC algorithms for signature creation and key encapsulation can be applied to an existing cryptographic infrastructure.

Evaluation of a Cryptographic Infrastructure

Prepare for future challenges by using the Q-safe simulator and evaluating the performance and usability of quantum-resistant algorithms within crypto infrastructure

Retrofittable Firmware Module

Q-safe enables an additional layer of PQC security as an in-field upgrade for SecurityServer general-purpose HSMs.


Q-safe – Adding Quantum-Resistance to Applications and Use Cases

Q-safe from UTIMACO is a future-proof firmware extension enabling organizations to prepare for the era of quantum computing – a serious threat to traditional cryptographic algorithms that has the potential to decimate the future security infrastructure of the digital economy.

By integrating post-quantum cryptography into business applications and IT infrastructures, Q-safe enables organizations to address this challenge immediately. Q-safe adds the extra layer of quantum-safe security to digital processes such as document signing or code signing, issuing of PQC or hybrid certificates for public key infrastructures (PKI), or key injection and chip personalization by executing quantum-safe crypto algorithms within the secure boundaries of the HSM.

The algorithms used by Q-safe are amongst the finalists of the ongoing NIST standardization process. Some of them have recently been endorsed by BSI (Federal Office for Information Security, Germany). These algorithms are the building blocks for quantum-safe infrastructures and for hybrid crypto schemes that will be deployed in a transition phase to defend against the threat to traditional asymmetric cryptography posed by the emergence of quantum computing.

Because the Q-safe firmware module is retrofittable, it can be easily added to the SecurityServer Se Gen2 series HSM firmware. It is also available as a simulator extension, which makes evaluation and integration testing of Q-safe with business applications simple.

Easy integration

Support for various cryptographic algorithms

Secure backup and restore functionality


Our on-premise options allow hosting the product directly on-site in your own network or data center.

As a service

Our as-a-service options are hosted by UTIMACO in certified datacenters and include everything from set-up to deployment to maintenance.

CryptoServer SDK

UTIMACO’s professional development kit allows for implementing firmware extensions for SecurityServer and PaymentServer built on CryptoServer Se Gen2- and CryptoServer CSe-series.

Find more details


u.trust 360

u.trust 360 is a hardware and software based management platform enabling centralized administration, monitoring and provisioning for Atalla AT1000 and CryptoServer LAN V5 HSMs.

Find more details