Identity Review | Global Tech Think Tank
Keep up with the digital identity landscape.
In the current era where new devices, softwares, applications and technologies are constantly being developed, quantum computing shines as one of the highest-potential technological frontiers being explored. Through the use of qubits and superpositioning, quantum computers offer a higher amount of processing power than classical computers that can crunch data with an exponentially greater level of efficiency due to its different method of computing. Currently, quantum computing has been tested and researched by major tech giants including Google, Baidu, IBM and more, who all are working to develop new implementations of quantum computing to tackle problems in areas including machine learning and AI, data analysis and operations, information security, and blockchain.
Evidently, quantum research will unlock technological capabilities that have never been fathomed before. However, given the astronomical power of quantum computers, the development of these machines causes a new set of problems, especially in the encryption space, since their increased efficiency in factoring numbers and analyzing huge amounts of data renders many popular encryption methods useless. Therefore, digital identity and cybersecurity companies have been working to tackle this problem to ensure that user data will be protected and secured for years to come.
This past August, digital identity and cybersecurity solution provider Sectigo announced the launch of Sectigo Quantum Labs to prepare and help organizations adapt encryption methods and algorithms for the quantum computing future. Alongside this launch, Sectigo has also announced its partnership with ISARA Corporation, a crypto-agile quantum-safe security provider. Together, the companies aim to provide enterprises with tools (including Sectigo Quantum Labs) for issuing quantum-safe certificates for users, applications, servers, developers and more.
Industry experts approximate that in the next decade, advances in quantum computing capabilities will render certain encryption methods unsecure. This includes RSA and ECC (Elliptic Curve Cryptography) encryption and digital signature algorithms, which are effectively impossible to crack using traditional computers. Quantum computers, however, use the superpositioning of qubits to process immense amounts of data at the same time, allowing them to attack these encryption algorithms at a much faster rate. Over time, this means that data protected by RSA and ECC algorithms will be at risk of theft. Enterprises using these encryption solutions will require newly engineered encryption methods to overcome quantum supremacy.
In response to this problem, Sectigo launched Sectigo Quantum Labs to assist enterprises and executives in understanding and preparing for the quantum future by maintaining cryptographic agility. In particular, Sectigo Quantum Labs provides information that breaks down the quantum cryptographic landscape and explains how to ensure continued security through the advent of production quantum computers and beyond, offering educational videos, webinars, white papers, podcasts and other educational assets. As the quantum landscape further develops, Sectigo aims to continue offering new tools, platforms and guidance to enterprises and organizations.
“We have vendors right now who are building devices that will consume a cryptographic certificate for digital identity, authentication or digital signing purposes that will probably have a greater-than five to fifteen-year lifespan” said Jason Soroko, Chief Technology Officer of PKI at Sectigo. “The zed date of the cryptographic apocalypse intersects with that timeframe. So, devices being built today might need to have that level of cryptographic agility and eventually switch over to a different kind of cryptographic algorithm, especially a quantum-safe cryptographic algorithm.”
In an effort to further develop quantum-safe solutions for encryption and offer more robust resources for enterprises, Sectigo also announced its partnership with ISARA Corporation to incorporate ISARA’s quantum-safe cryptographic algorithms in new quantum-resilient PKI solutions for deployment in advance of the Quantum Apocalypse.
In particular, through this partnership, Sectigo released their Quantum-Safe Certificate Toolkit, a resource package that includes the basic tools needed to create quantum-safe certificates including scripts, algorithms and other information needed for enterprises to issue private-root TLS certificates using candidate quantum-safe cryptography. Furthermore, the toolkit also contains sample applications showing the use of quantum-safe algorithms as references for developers and security professionals who are evaluating, building, and testing quantum-safe encryption systems.
“Our partnership with ISARA provides Sectigo with a wealth of practical understanding of leading quantum-safe candidate algorithms and how to implement them,” said Soroko. “Combining our resources enables enterprises to prove their crypto agility and build concrete plans to roll out quantum-safe certificates as soon as they are commercially available. Once we know which algorithms to use in each specific circumstance, CISOs will want the ability to push them out quickly. Sectigo and ISARA’s technical capabilities combine to make that possible.”
With the high complexity and potential use of quantum computing, knowing where the world will end up technologically in the near future is nearly impossible. Of course, with all innovation comes new problems regarding privacy and data, so it is important to develop new security measures alongside new breakthrough technologies.
“We are constantly innovating and looking to make identity and certificate management easier,” said Soroko. “It’s tough enough to do security and try to establish trust, especially if you don’t have visibility and if you don’t have the ability to see and manage all of your systems in one place. Today’s modern PKI addresses those situations, not only with bleeding edge quantum technologies, but by future-proofing your trust and governance for all identity use cases.”
ABOUT THE WRITER
Serena He is a Tech Innovation Fellow from the University of Southern California who is interested in AI and the intersection of design and technology. She enjoys covering news across the digital identity and tech space.