September 15, 2025
Thales Trusted Cyber Technologies (TCT) is pleased to announce the release of version 7.15.0 of the Luna T-Series Network, PCIe, and Tablet HSMs.
This is the first Luna T-Series HSM release to provide fully standardized implementations of post-quantum cryptographic (PQC) algorithms. As directed by multiple U.S. Federal policies, agencies are instructed to start testing and deploying PQC solutions. This release enables systems rooted in a Luna T-Series HSM to build on a quantum-resistant foundation. The algorithms supported in this release are:
- ML-KEM (FIPS 203)
- ML-DSA (FIPS 204)
Additionally, Thales TCT Luna T-Series HSM already support the Leighton-Micali Signature (LMS) stateful hash-based signature mechanism, along with its multi-tree variant, the Hierarchical Signature Scheme (HSS). Utilizing either LMS/HSS or ML-DSA enables customers to transition to quantum-resistant firmware/software signing in accordance with Commercial National Security Algorithm Suite 2.0 (CNSA 2.0) requirements.
Release 7.15.0 also includes the following new features:
- LMS trees can be instantiated across multiple HSMs for hardware redundancy under NIST SP800-208.
- Support for additional pseudo-random functions (PRF) to counter-mode key derivation functions (KDF) under NIST SP800-108.
- Luna Client support for Windows 11.
This release encompasses multiple Luna HSM components:
- Luna User Documentation Revision N
- Luna T-Series Network HSM appliance software
- Luna T-Series HSM firmware
- Luna Client
Each of these components are available as a download from the Thales TCT Support Portal.
Details regarding these new capabilities are available in the Luna User Documentation (Rev N) and the Customer Release Notes (Rev Y).
