Quantum-Safe Product Verification

Checking for vulnerabilities to quantum threats in software.

Quantum-safe is a broad description of technologies that are resistant to quantum attack. In the context of cybersecurity products, controls and safeguards; a quantum-safe version is built using post quantum cryptography (PQC) or Quantum Key Distribution (QKD). There is an intensifying global effort to build and integrate these technologies into proof-of-concept systems on a path to productization and commercialization.

New post-quantum public key cryptographic algorithm standards are expected to be released in 2023-2025 by NIST. Currently there is an evaluation and analysis period underway to select these new algorithms. Many post-quantum algorithm options are being analyzed, and these algorithms do not have the same characteristics as current standards like RSA and ECC. These new algorithms have varying characteristics making some cryptographic algorithms more suitable or more inferior under certain physical communication channel layer imperfections.

The NIST selection process is expected to produce a few algorithm options. In some ways, choice is good. However, it may be difficult for product manufacturers to characterize the nuance of which algorithm to select for their operating conditions. In many cases, the effects of small increases in processing time or data packet size can compound and have large impacts under imperfect network operation conditions.

evolutionQ’s Quantum-Safe Product Verification Service is a product design and implementation review service conducted by Quantum-Safe engineers and cryptographers with a two-fold goal:

  • Ensuring that a product offers the intended security-level when a quantum-computer is available.
  • Optimize cryptographic algorithm parameter choices for either compute time, message size, channel or battery usage in order to fine-tune a product’s security in the context of typical operating use-cases.

Key Contacts

Brian Neill

VP, Product & Business Development

Brian is a Certified Information Systems Security Professional (CISSP) with a career spanning 20 years in cybersecurity companies building software products and managing cyber security risk.

Quantum Threat Timeline

How long until fault tolerant quantum computers can break cybersecurity?

evolutionQ and the Global Risk Institute assess the timing of the threat.