Google Cloud has launched a preview feature of quantum-safe digital signatures in its Cloud Key Management Service (KMS). This feature aims to secure encryption systems against future threats from quantum computers, aligning with NIST's post-quantum cryptography (PQC) standards finalized in August 2024. It includes multiple standards such as FIPS 203, FIPS 204, and FIPS 205, with implementation details available as open-source software. By adopting PQC, Google seeks to mitigate risks from potential future decryption of currently encrypted data. Experts recommend that organizations consider these measures promptly, especially for long-lived systems.
While that future may be years away, those deploying long-lived roots-of-trust or signing firmware for devices managing critical infrastructure should consider mitigation options against this threat vector now.
Our Cloud KMS PQC roadmap includes support for the NIST post-quantum cryptography standards, in both software and hardware.
Collection
[
|
...
]