13 Feb 2019

DigiCert, Inc., global provider of TLS/SSL, IoT and PKI solutions; Utimaco, one of the world’s top three Hardware Security Module providers; and Microsoft Research, a provider of quantum-safe cryptography, announced a successful test implementation of the “Picnic” algorithm, with digital certificates used to encrypt, authenticate and provide integrity for connected devices commonly referred to as the Internet of Things (IoT). This proof of concept provides a path toward a full solution, currently in development, that will protect IoT devices from future threats that quantum computing could pose to today’s widely used cryptographic algorithms.

IoT devices with RSA and ECC cryptography Currently, most IoT devices use RSA and ECC to protect confidentiality, integrity and authenticity for device identities and communication

Currently, most IoT devices use RSA and ECC to protect confidentiality, integrity and authenticity for device identities and communication. Experts from the security community, including Dr. Brian LaMacchia from Microsoft Research, predict that large-scale quantum computers capable of breaking RSA and ECC public key cryptography will exist within the next 10 to 15 years. Although this might seem like a long time away, many devices such as connected cars, smart homes, connected cities, connected medical devices and other critical infrastructures will either live longer than this or will take longer to update.

DigiCert, Microsoft Research and Utimaco are collaborating today to solve tomorrow’s problem of defending connected devices and their networks against the new security threats that the implementation of quantum computers will unleash,” said Avesta Hojjati, Head of DigiCert Labs, the company’s R&D unit. “Together, we are leading the market with development of hybrid certificates that inject quantum-resistant algorithms alongside RSA and ECC to ensure long-term protection.

DigiCert uses Utimaco Hardware Security Module

The certificates are issued by DigiCert using the Picnic quantum-safe digital signature algorithm developed by Microsoft Research. To implement this algorithm and issue certificates, DigiCert has used an Utimaco Hardware Security Module. The full solution, in development, would provide quantum-safe digital certificate issuance and secure key management, helping companies future-proof their IoT deployments. The cooperation between DigiCert, Microsoft Research and Utimaco will help organisations implement secure and future-proof IoT products"

The cooperation between DigiCert, Microsoft Research and Utimaco will help organisations implement secure and future-proof IoT products that are protected against the potential security threats of quantum computing,” said DigiCert CTO. Dan Timpson.

Enterprises will be able to cost-effectively deploy these solutions at any scale. Further, these companies will provide solutions and tools to manufacturers of IoT devices to remain prepared for quantum threats. The goal is to keep the sensitive information and high-value assets safe.

Implementation of quantum-safe solutions

DigiCert, Utimaco and Microsoft’s successful test implementation provides a fundamental building block for the implementation of quantum-safe solutions,” said Dr. Thorsten Grötker, CTO at Utimaco. “Using these solutions, IoT manufacturers and other large organisations can innovate and develop products that are well prepared against coming quantum threats.

Brian LaMacchia, Distinguished Engineer and Head of the Security and Cryptography Group at Microsoft Research, said, “The work that Microsoft Research is doing with DigiCert and Utimaco is important to develop quantum-secure cryptographic algorithms, protocols and solutions today so that in the near future enterprises will be able to transition to and deploy quantum-safe cryptography. Working to ensure that their solutions are cryptographically agile will help companies avoid expensive and unscalable security practices to protect their IoT devices against future security threats.