Thales Trusted Cyber Technologies   Contact Us | Careers

PQC Standards Released – Start Today

PQC Standards Released – Start Today

August 13, 2024

Thales Trusted Cyber Technologies (TCT) would like to congratulate NIST, academia, and industry in reaching the milestone of releasing the first set of Post Quantum Cryptography (PQC) standards. This milestone is a result of many years of research, development, testing, and collaboration. Thales TCT is both prepared and excited to move to the next phase of getting standards compliant, interoperable solutions deployed to combat the looming quantum threat.

When Thales TCT started this PQC journey almost a decade ago, we communicated a four-part Quantum Safe Transition Strategy to our federal agency customers and industry partners focused on education and planning: Quantum is Coming, Know Your Risks, Focus on Crypto Agility, and Start Today.

With the recent announcement of the PQC standards, we have clearly arrived at the Start Today phase. In the context of PQC, Start Today means different things to different organizations. For federal agencies, they can start planning their upgrades of crypto agile IT infrastructure to firmware or software that has implemented the new PQC standards. For product suppliers, standards organizations, and industry consortia Start Today means resolving the few remaining issues that were holding back large-scale releases and deployment of interoperable PQC implementations.

Thales TCT has been actively involved in industry and government’s PQC transition. Since 2021, Thales TCT’s Luna T-Series Network and PCIe hardware security modules (HSMs) FIPS 140 certification has included the onboard, user-configurable quantum entropy source. Thales TCT has participated as one of the earliest members of NIST’s National Cybersecurity Center of Excellence’s “Migration to Post-Quantum Cryptography Project,” contributing the T-Series HSM and conducting interoperability testing to ensure PQC implementations are supported across the industry. Thales is also a member of the Post-Quantum Cryptography Alliance, the steward organization for the development and maintenance of open-source PQC libraries. Additionally, Thales TCT and the National Security Agency (NSA) have signed a Cooperative Research and Development Agreement (CRADA) for evaluating the NIST selected PQC algorithms when operating on an HSM. The CRADA results will be used by Thales TCT to accelerate PQC algorithm deployment and assist the government and other HSM users in understanding the value of using PQC enabled HSMs to mitigate the quantum threat. Thales is also a contributing member of the OASIS PCKS#11 Technical Committee which is instrumental in defining interoperable specifications for cryptographic modules.

With crypto agility implemented across its product lines, Thales TCT has actively prototyped NIST PQC algorithm finalists within its products and is now focusing on the standardized PQC algorithms and corresponding protocols. Thales TCT fully intends to deliver the benefits of our engagement and leadership in PQC to existing Luna T-Series HSM customers by offering in-field firmware upgrades that will enable use of the NIST-standardized PQC algorithms within a FIPS 140 certified cryptographic module. Since July 2023, pre-standards implementations of PQC algorithms are available to Luna T-Series HSM users to enable initial testing and planning for the PQC transition.

In a very similar manner, Thales Network Encryptors include crypto agility and in-field upgrades to PQC algorithms as a core feature of their architecture. Currently fielded Network Encryptors have pre-standards implementations of the PQC algorithms to allow agency testing and planning. With the release of these PQC standards, a firmware update will be made available so agencies can quickly and easily transition to quantum safe network encryption solutions. The remainder of the Thales TCT product portfolio will similarly be offered to agencies and partners as we complete the final stages of PQC algorithm implementation and interoperability testing.

About Thales Trusted Cyber Technologies

Thales Trusted Cyber Technologies, a business area of Thales Defense & Security, Inc., is a trusted, U.S. provider of cybersecurity solutions dedicated to U.S. Government. We protect the government’s most vital data from the core to the cloud to the edge with a unified approach to data protection. Our solutions reduce the risks associated with the most critical attack vectors and address the government’s most stringent encryption, key management, and access control requirements.

For more information, visit www.thalestct.com