Q-safe

Q-safe – Applying Quantum-Resistance to Applications and Use Cases

  • Firmware extension module for installation on SecurityServer Se Gen2 and SecurityServer CSe series HSMs
  • Applies quantum-resistance to a crypto infrastructure
  • Includes a Software simulator for evaluation and integration testing
  • Supports PQC algorithms recommended by NIST & BSI: CRYSTALS-KYBER, CRYSTALS-Dilithium, XMSS, XMSS-MT, and HSS

Key Benefits

Post Quantum Cryptography (PQC) Algorithms

PQC algorithms for signature creation and key encapsulation can be applied to an existing cryptographic infrastructure.

Evaluation of a Cryptographic Infrastructure

Prepare for future challenges by using the Q-safe simulator and evaluating the performance and usability of quantum-resistant algorithms within crypto infrastructure

Retrofittable Firmware Module

Q-safe enables an additional layer of PQC security as an in-field upgrade for SecurityServer general-purpose HSMs.

Details

Q-safe – Adding Quantum-Resistance to Applications and Use Cases

Q-safe from UTIMACO is a future-proof firmware extension enabling organizations to prepare for the era of quantum computing – a serious threat to traditional cryptographic algorithms that has the potential to decimate the future security infrastructure of the digital economy.

By integrating post-quantum cryptography into business applications and IT infrastructures, Q-safe enables organizations to address this challenge immediately. Q-safe adds the extra layer of quantum-safe security to digital processes such as document signing or code signing, issuing of PQC or hybrid certificates for public key infrastructures (PKI), or key injection and chip personalization by executing quantum-safe crypto algorithms within the secure boundaries of the HSM.

The algorithms used by Q-safe are amongst the finalists of the ongoing NIST standardization process. Some of them have recently been endorsed by BSI (Federal Office for Information Security, Germany). These algorithms are the building blocks for quantum-safe infrastructures and for hybrid crypto schemes that will be deployed in a transition phase to defend against the threat to traditional asymmetric cryptography posed by the emergence of quantum computing.

Because the Q-safe firmware module is retrofittable, it can be easily added to the SecurityServer Se Gen2 series HSM firmware. It is also available as a simulator extension, which makes evaluation and integration testing of Q-safe with business applications simple.

Easy integration

  • Application integration using PKCS #11 “Vendor Defined Mechanisms”
  • Firmware module for in-field upgrade on your installed base of SecurityServer Se Gen2 series HSMs
  • Library for upgrade of SecurityServer simulators, for evaluation, development, and integration testing

Support for various cryptographic algorithms

  • Digital signature algorithms Dilithium, HSS, XMSS and XMSS-MT
  • Key encapsulation algorithm Kyber
  • Provision of a PQC Consultancy designed to support customers and partners in making the right choice of algorithms and developing a roadmap towards a quantum-safe IT security infrastructure

Secure backup and restore functionality

  • Available for stateful schemes

On-premise

Our on-premise options allow hosting the product directly on-site in your own network or data center.

  • Firmware Extension

As a service

Our as-a-service options are hosted by UTIMACO in certified datacenters and include everything from set-up to deployment to maintenance.

CryptoServer SDK

UTIMACO’s professional development kit allows for implementing firmware extensions for SecurityServer and PaymentServer built on CryptoServer Se Gen2- and CryptoServer CSe-series.

Find more details

 

u.trust 360

u.trust 360 is a hardware and software based management platform enabling centralized administration, monitoring and provisioning for Atalla AT1000 and CryptoServer LAN V5 HSMs.

Find more details

Contact us

We look forward to answering your questions.