Latest news with #PQC
Mint
3 days ago
- Business
- Mint
Mint Explainer: As banks brace for quantum attacks, is India moving too slowly?
Banks and financial institutions worldwide are gearing up for the day when quantum computers become stable enough to potentially break traditional encryption, which could cause massive data breaches, falsified transactions, identity theft, and large-scale market manipulation. To guard against this, major players such as JPMorgan, Mastercard, Barclays, Citigroup and Wells Fargo are adopting quantum-resistant or post-quantum cryptography (PQC) encryption that's designed to resist such attacks. JPMorgan, for instance, has launched a quantum-secured, crypto-agile network (Q-CAN) in Singapore using quantum key distribution (QKD), in which encryption keys are encoded in light particles. Since merely observing a quantum particle changes it irreversibly, any hacking attempt disrupts the signal, exposing the tampering. The bank is also aligning its systems with the latest National Institute of Standards and Technology (NIST) standards. In March it collaborated with Honeywell-owned Quantinuum and national labs to generate certified quantum-based random numbers to strengthen cryptographic systems. Also read: India quantum startups win record grants; move closer to real-world applications Last November, Banque de France and the Monetary Authority of Singapore tested quantum-resistant algorithms to encrypt and sign emails across conventional internet systems. They now plan to expand PQC trials to cross-border payment networks. Meanwhile, Mastercard has tested NIST candidate algorithms and explored QKD integration in its global network, despite challenges with compatible hardware. If vendor support continues, Mastercard expects QKD could be ready for deployment within five years. Why the tearing hurry? One may ask: shouldn't financial institutions wait until quantum computers are stable and market-ready, especially since some experts see this happening within 10 years, while others say it will take until 2035-2040? In the computers we use in homes and offices today, two bits can represent one of four possible states—00, 01, 10, or 11—but only one at a time. In contrast, two quantum bits (qubits) in a quantum computer can represent all four states simultaneously, thanks to superposition and entanglement properties, effectively functioning like four classical computers in one. For now, though, while a quantum computer's power grows exponentially when you add more qubits, this also induces more errors. Still, the reason for developing quantum-resistant cryptography quickly is the fear that hackers can steal and store data now, and wait until Q-Day (when quantum computers surpass classical computers) to decrypt it using a quantum machine. This form of attack is known as 'harvest now, decrypt later'. Traditional encryption at risk Banks, stock exchanges, insurance firms and fintech platforms depend on public-key cryptography to secure transactions, protect user identities, and maintain the integrity of their operations. They typically use a combination of encryption methods to ensure security, combining the strengths of both symmetric and asymmetric cryptography. Symmetric encryption uses a single key to encrypt and decrypt data. It's fast and efficient, and thus often used for securing large amounts of data. For instance, it's used when your phone encrypts stored files and by HTTPS websites after conducting an initial handshake. However, the challenge is safely sharing the key between sender and receiver. Asymmetric encryption, on the other hand, uses two keys: a public key to encrypt data and a private key to decrypt it. Advanced Encryption Standard (AES) and Data Encryption Standard (DES) are both symmetric encryption algorithms. Storing data such as customer records or transaction logs relies heavily on AES, especially AES-256, due to its strong security and speed. RSA and ECC on the other hand are examples of asymmetric encryption algorithms. RSA stands for Rivest-Shamir-Adleman, named after its three inventors. It's one of the most widely used encryption methods and secures data using a pair of keys, one public and one private. ECC stands for Elliptic Curve Cryptography, which also uses key pairs but relies on mathematical curves for encryption. Quantum computers, using Grover's algorithm, can find the encryption key used with AES much faster than a classical computer. With Shor's algorithm – quantum algorithm developed by American mathematician Peter Shor in 1994 – a quantum computer can effectively break asymmetric encryption such as RSA and ECC. Also read: Three govt arms join forces to shield India in the quantum computing era Classical computers can take more than 1,024 years to break such algorithms, but quantum computers could do so in a matter of hours using Shor's algorithm. It is estimated that quantum computers could break RSA-2048 in a few hours or less, once they have around 4,000 qubits. (Currently, IBM's Condor has 1,121 qubits; it is targeting a 100,000-qubit system by 2033). In 2021 the Bipartisan Policy Center, a think tank in Washington, DC, estimated that a quantum attack could cause trillions of dollars in economic losses if financial systems remained unprotected. The World Economic Forum has listed quantum attacks on encryption as one of the top 10 cybersecurity threats. By 2029, Gartner predicts that 'advances in quantum computing will make asymmetric cryptography unsafe and by 2034 fully breakable". How are Indian financial institutions preparing for this? In a December 2024 white paper titled 'Securing the Indian Banking Sector in the Age of Quantum Computing', the Reserve Bank Innovation Hub (RBIH) said Indian banks can stay protected from quantum attacks by leveraging the expertise of technology companies and research institutions, adopting a phased approach, and prioritising critical infrastructure. The 2025 Thales Data Threat Report revealed that 68% of respondents in India believe quantum computers could eventually break current or future encryption algorithms, exposing data once considered secure. About 55% of respondent organisations in India said they were prototyping or evaluating PQC solutions, and 49% said they were assessing their encryption strategies. Only 40% said they were placing their trust in telecom or cloud providers to manage the transition. About 56% identified key distribution vulnerabilities, where quantum advancements could undermine the secure exchange of encryption keys. In addition, 58% highlighted the 'harvest now, decrypt later' threat. Also read: What Microsoft's quantum computing breakthrough means for the world Chief information security officers (CISOs) and chief technology officers (CTOs) in India's banking, financial services, and insurance (BFSI) sector have a moderate understanding of quantum computing, with 'an average PQC readiness score of just 2.4 out of 5", highlighting 'a lack of preparedness", according to a 14 May report by the ISB Institute of Data Science titled 'Quantum Resilient Banking: Strategies for a Secure Transition'. The report found that that 57.5% of respondents believed quantum computing would pose a significant threat within three years. Yet, while common security measures such as firewalls and endpoint protection are widely implemented, advanced techniques such as intrusion detection systems and vulnerability management tools remain underutilised, the report added. India, which launched its National Quantum Mission (NQM) in 2023 with an outlay of ₹6,003 crore, is promoting a cohort of startups with the aim of jumpstarting India's capabilities in quantum technologies. With NQM, India plans to develop quantum computers with 50-100 qubits in about five years, and 1,000 qubits and beyond in eight years. While QNu Labs in Bengaluru is focused on developing quantum-safe networks to enable secure communications, QPiAI India, also based in Bengaluru, has already built a 25-qubit superconducting quantum computer. Others such as Chennai-based Quantica Computacao are developing quantum cryptographic tools to help protect banking transactions. Further, the all female-founded Qkrishi Quantum and the Indian Institute of Information Technology-Kottayam (IIIT-K) have partnered to conduct research in quantum finance. Easier said than done The post-quantum cryptography market was valued at $356.4 million in 2023 and is forecast to touch $17.69 billion by 2034, according to ResearchandMarkets. The market encompasses a variety of approaches including lattice-based, hash-based, and multivariate cryptography. Authors of the RBIH note, for instance, specifically recommend lattice-based cryptographic techniques, which offer 'a promising defence against emerging quantum risks... [as they are] designed to be resistant to both classical and quantum attacks." QNu Labs recommends Quantum Random Number Generators (QRNGs) since they 'exploit quantum phenomena to create truly random numbers, a crucial element in strong encryption". Implementing new cryptographic standards could take 10 to 15 years owing to major operational hurdles, though rapid adoption by some tech firms will speed up protections for many users, according to a note by Moody's. While saying the scale of the transition was hard to quantify, it likened the task to the years-long effort to fix the Y2K bug, and moving from fossil fuels to renewables. Also read | Google's Willow: Quantum computing's next big leap? The note also cautioned that performance slowdowns are expected, as quantum-resistant algorithms require larger key sizes and heavier computation. Integrating these standards will demand significant IT expertise and pose technical challenges across legacy systems. A recent note by Infosys unit EdgeVerve Systems cautioned that banks "must address the operational complexities of transitioning to new algorithms, such as managing data retention policies, replacing legacy cryptographic methods, and updating existing infrastructure". It concluded that without a well-defined road map, banks risked falling behind in securing their systems against quantum threats.
Business Wire
3 days ago
- Business
- Business Wire
Post-Quantum Cryptography Coalition Unveils PQC Migration Roadmap
MCLEAN, Va. & BEDFORD, Mass.--(BUSINESS WIRE)--The Post-Quantum Cryptography Coalition (PQCC) released its Post-Quantum Cryptography (PQC) Migration Roadmap to assist organizations of all sizes in navigating the complexities of transitioning to quantum-safe cryptography. 'As quantum computing technology continues to advance, organizations cannot afford to delay preparing for these transformative changes and threats to their security,' said Wen Masters, vice president of cyber technologies, MITRE. Share 'As quantum computing technology continues to advance, organizations cannot afford to delay preparing for these transformative changes and threats to their security,' said Wen Masters, vice president of cyber technologies, MITRE. "This roadmap empowers CIOs (chief information officers) and CISOs (chief information security officers) to act decisively, taking proactive steps to protect sensitive data now and in the future.' Key features of the PQC Migration Roadmap include: Preparation: Learn how to identify relevant stakeholders, assess vulnerabilities, and align organizational goals with migration timelines. Baseline Understanding: Develop an inventory of cryptographic assets and prioritize critical resources. Planning and Execution: Acquire or develop quantum-safe solutions and implement them with precision. Monitoring and Evaluation: Establish robust tracking measures and continuously assess cryptographic security as quantum threats evolve. Building on the National Institute of Standards and Technology PQC standards and the National Cybersecurity Center of Excellence PQC migration project, the coalition's roadmap allows organizations to quickly and easily tailor a PQC Roadmap for their own needs based on the shared experiences of the PQCC members. 'I'm overjoyed to see the coalition come together to create this roadmap that anyone can use to accelerate their own PQC migration,' said Matt Mickelson, lead coordinator of the PQC Coalition and senior cyber principal for science and technology, MITRE. Download the PQC Migration Roadmap to gain insights into how your organization can prepare for the future of quantum-safe security. For more updates, visit to see the state of the migration on the PQC heatmap, and look for a tailorable PQC inventory workbook tool to be released soon. Organizations or individuals that wish to participate in the coalition can visit or contact pqcc-registration-list@ About the Post-Quantum Cryptography Coalition The PQCC is a global community of technologists, researchers, and cybersecurity experts dedicated to providing critical outreach and education to support PQC migration and to bolster efforts to establish and implement interoperable standards and technology. Founded by IBM Quantum, Microsoft, MITRE, PQShield, and SandboxAQ, the coalition brings together more than 125 leading contributors from diverse organizations working to secure the digital landscape. About MITRE MITRE's mission-driven teams are dedicated to driving solutions to our nation's most pressing challenges. As a not-for-profit research and development organization, MITRE's staff leverage our unique multi-sponsor vantage point, systems expertise, and innovative solutions to ensure the health, prosperity, and security of our nation.
Globe and Mail
21-05-2025
- Business
- Globe and Mail
SEALSQ Unveils Quantum-Resistant Cryptography with QS7001 to Secure Bitcoin Wallets Against Quantum Threat
Geneva, Switzerland, May 21, 2025 (GLOBE NEWSWIRE) -- SEALSQ Unveils Quantum-Resistant Cryptography with QS7001 to Secure Bitcoin Wallets Against Quantum Threat SEALSQ Corp (NASDAQ: LAES) ("SEALSQ" or "Company"), a company that focuses on developing and selling Semiconductors, PKI, and Post-Quantum technology hardware and software products, today announced the deployment of its advanced post-quantum cryptographic (PQC) technology to protect Bitcoin wallets from future quantum computer attacks. Integrated into the cutting-edge QS7001 secure element, this solution marks a significant step in ensuring the long-term security of blockchain assets in a quantum era. The Quantum Risk to Bitcoin Wallets Bitcoin wallets rely on elliptic curve cryptography (ECC), specifically the secp256k1 curve, to generate public-private key pairs. While secure against classical attacks, quantum computers using Shor's algorithm could potentially derive private keys from exposed public keys, compromising wallets when addresses are reused or transactions are broadcasted. This vulnerability threatens the integrity of decentralized finance as quantum computing advances. SEALSQ's Quantum-Resistant Solution SEALSQ addresses the threat with a robust PQC stack based on CRYSTALS-Kyber and CRYSTALS-Dilithium, NIST-standardized algorithms (FIPS 203 and ML-DSA) designed to withstand quantum attacks. These lattice-based algorithms ensure security against Shor's and Grover's algorithms, offering forward secrecy and unforgeable signatures. Watch live demo: Key Features: CRYSTALS-Kyber (Key Encapsulation Mechanism): Enables quantum-secure key exchanges between wallets and blockchain nodes, replacing vulnerable ECC-based protocols. CRYSTALS-Dilithium (Digital Signature Algorithm): Provides quantum-resistant digital signatures, ensuring transaction authenticity and integrity. QS7001 Secure Element: Hardware-Backed Security SEALSQ's PQC algorithms are embedded in the QS7001 secure element, a tamper-resistant chip optimized for resource-constrained environments like hardware wallets and IoT devices. The QS7001 enables: Secure storage of post-quantum private keys. Efficient quantum-resistant signing and key exchange operations. Hardware-rooted trust with low power consumption, ideal for cold wallets and embedded systems. Migration Framework for Blockchain Developers SEALSQ offers a practical migration path for Bitcoin wallet developers and custodians: Hybrid Cryptography: Supports a dual-stack approach (ECDSA + Dilithium) for backward compatibility during the transition to PQC. Quantum-Safe Addresses: Introduces a new address format for quantum-resistant wallets, ensuring future-proof security. Key Rotation Tools: Facilitates secure migration of legacy keys to PQC-protected keys, minimizing exposure risks. Strategic Vision 'Quantum computing poses a real threat to blockchain security, but SEALSQ is ahead of the curve,' said Carlos Moreira, CEO of SEALSQ. 'Our QS7001 secure element, optimized for running both traditional and NIST-standardized PQC algorithms, empowers the blockchain ecosystem to stay secure in a post-quantum world, reinforcing SEALSQ's leadership in semiconductor-driven cybersecurity.' Mr. Moreira added, 'Without trusted roots, no cryptography can be truly secure. Without post-quantum cryptography, no blockchain can be future-proof. The convergence of SEALSQ's post-quantum secure microcontrollers and WISeKey's Quantum RootKey infrastructure provides the only practical, scalable, and hardware-enforceable solution to defend Bitcoin from quantum threats. As the world transitions from classical to quantum computing, Bitcoin must evolve too. This evolution begins at the cryptographic root—trust anchored in post-quantum resilience. If Bitcoin is to remain a trusted store of value in the quantum era, its future may very well depend on what SEALSQ and WISeKey are building today.' About SEALSQ: SEALSQ is a leading innovator in Post-Quantum Technology hardware and software solutions. Our technology seamlessly integrates Semiconductors, PKI (Public Key Infrastructure), and Provisioning Services, with a strategic emphasis on developing state-of-the-art Quantum Resistant Cryptography and Semiconductors designed to address the urgent security challenges posed by quantum computing. As quantum computers advance, traditional cryptographic methods like RSA and Elliptic Curve Cryptography (ECC) are increasingly vulnerable. SEALSQ is pioneering the development of Post-Quantum Semiconductors that provide robust, future-proof protection for sensitive data across a wide range of applications, including Multi-Factor Authentication tokens, Smart Energy, Medical and Healthcare Systems, Defense, IT Network Infrastructure, Automotive, and Industrial Automation and Control Systems. By embedding Post-Quantum Cryptography into our semiconductor solutions, SEALSQ ensures that organizations stay protected against quantum threats. Our products are engineered to safeguard critical systems, enhancing resilience and security across diverse industries. For more information on our Post-Quantum Semiconductors and security solutions, please visit Forward-Looking Statements This communication expressly or implicitly contains certain forward-looking statements concerning SEALSQ Corp and its businesses. Forward-looking statements include statements regarding our business strategy, financial performance, results of operations, market data, events or developments that we expect or anticipates will occur in the future, as well as any other statements which are not historical facts. Although we believe that the expectations reflected in such forward-looking statements are reasonable, no assurance can be given that such expectations will prove to have been correct. These statements involve known and unknown risks and are based upon a number of assumptions and estimates which are inherently subject to significant uncertainties and contingencies, many of which are beyond our control. Actual results may differ materially from those expressed or implied by such forward-looking statements. Important factors that, in our view, could cause actual results to differ materially from those discussed in the forward-looking statements include SEALSQ's ability to continue beneficial transactions with material parties, including a limited number of significant customers; market demand and semiconductor industry conditions; and the risks discussed in SEALSQ's filings with the SEC. Risks and uncertainties are further described in reports filed by SEALSQ with the SEC. SEALSQ Corp is providing this communication as of this date and does not undertake to update any forward-looking statements contained herein as a result of new information, future events or otherwise.
Yahoo
20-05-2025
- Business
- Yahoo
SEALSQ Demonstrates Quantum-Resistant Kyber and Dilithium Algorithms during 'Quantum Days 2025'
Geneva, Switzerland, May 20, 2025 (GLOBE NEWSWIRE) -- Watch the video of the live demo here: SEALSQ Corp (NASDAQ: LAES) ("SEALSQ" or "Company"), a company that focuses on developing and selling Semiconductors, PKI, and Post-Quantum technology hardware and software products, showcased the power of post-quantum cryptography (PQC) with live demonstrations of NIST-standardized Crystal Kyber (FIPS 203) and Crystal Dilithium (ML-DSA) algorithms on its secure devices during the 'Quantum Days 2025' event held in France, on May 13. Presented by Danielle Fonte, a member of SEALSQ's Product Security Team, the demos underscored SEALSQ's commitment to quantum-resistant security, aligning with broader efforts like Quantum Key Distribution (QKD) to safeguard connected systems against future quantum threats. With quantum computing challenging traditional cryptography, SEALSQ is advancing PQC to deliver robust, scalable security for IoT ecosystems. Like QKD, which leverages quantum principles for secure key exchange, SEALSQ's PQC solutions aim to protect data integrity and confidentiality in a quantum era. The Quantum Days demos featured two NIST-selected algorithms: Crystal Kyber: A key encapsulation mechanism (KEM) for secure key exchange over insecure channels, such as email. The demo showed Kyber enabling two parties to share a 256-byte secret using SEALSQ secure devices, protected against chosen ciphertext attacks. Crystal Dilithium: A digital signature algorithm (DSA) ensuring message authenticity and integrity. The demo verified Dilithium's ability to sign and validate messages, critical for trusted IoT communications. Conducted on SEALSQ's latest quantum resistant hardware platform (QS 7001), the live demos illustrated real-world applications of PQC. The Kyber demo demonstrated secure key exchange, while the Dilithium demo confirmed message integrity, even detecting tampering. These capabilities position SEALSQ as a trusted partner for industries like automotive, healthcare, and smart infrastructure. 'Our Quantum Days demos of Kyber and Dilithium on SEALSQ devices showcase our commitment to future-proof security,' said Mr. Fonte. 'We're proud to deliver NIST-compliant solutions that protect customers against quantum threats.' SEALSQ's integration of PQC algorithms into its hardware ensures compliance with global cybersecurity standards and meets the growing demand for quantum-resistant IoT solutions. The Quantum Days event underscored SEALSQ's leadership in shaping a secure digital future. About SEALSQ:SEALSQ is a leading innovator in Post-Quantum Technology hardware and software solutions. Our technology seamlessly integrates Semiconductors, PKI (Public Key Infrastructure), and Provisioning Services, with a strategic emphasis on developing state-of-the-art Quantum Resistant Cryptography and Semiconductors designed to address the urgent security challenges posed by quantum computing. As quantum computers advance, traditional cryptographic methods like RSA and Elliptic Curve Cryptography (ECC) are increasingly vulnerable. SEALSQ is pioneering the development of Post-Quantum Semiconductors that provide robust, future-proof protection for sensitive data across a wide range of applications, including Multi-Factor Authentication tokens, Smart Energy, Medical and Healthcare Systems, Defense, IT Network Infrastructure, Automotive, and Industrial Automation and Control Systems. By embedding Post-Quantum Cryptography into our semiconductor solutions, SEALSQ ensures that organizations stay protected against quantum threats. Our products are engineered to safeguard critical systems, enhancing resilience and security across diverse industries. For more information on our Post-Quantum Semiconductors and security solutions, please visit Forward-Looking StatementsThis communication expressly or implicitly contains certain forward-looking statements concerning SEALSQ Corp and its businesses. Forward-looking statements include statements regarding our business strategy, financial performance, results of operations, market data, events or developments that we expect or anticipates will occur in the future, as well as any other statements which are not historical facts. Although we believe that the expectations reflected in such forward-looking statements are reasonable, no assurance can be given that such expectations will prove to have been correct. These statements involve known and unknown risks and are based upon a number of assumptions and estimates which are inherently subject to significant uncertainties and contingencies, many of which are beyond our control. Actual results may differ materially from those expressed or implied by such forward-looking statements. Important factors that, in our view, could cause actual results to differ materially from those discussed in the forward-looking statements include SEALSQ's ability to continue beneficial transactions with material parties, including a limited number of significant customers; market demand and semiconductor industry conditions; and the risks discussed in SEALSQ's filings with the SEC. Risks and uncertainties are further described in reports filed by SEALSQ with the SEC. SEALSQ Corp is providing this communication as of this date and does not undertake to update any forward-looking statements contained herein as a result of new information, future events or otherwise. SEALSQ MoreiraChairman & CEOTel: +41 22 594 3000info@ SEALSQ Investor Relations (US)The Equity Group CatiTel: +1 212 836-9611 lcati@ Error in retrieving data Sign in to access your portfolio Error in retrieving data Error in retrieving data Error in retrieving data Error in retrieving data
Time of India
14-05-2025
- Business
- Time of India
BFSI not ready to tackle Quantum Computing threats, says study
1 2 Hyderabad: As the world moves towards quantum computing (CQ), there is a critical need for India's banking, financial services, and insurance ( BFSI ) sector to gear up for the unique threats it poses, said a report prepared by ISB Institute of Data Science (IIDS).Titled ' Quantum Resilient Banking : Strategies for a Secure Transition,' the study found a very limited understanding of quantum computing among BFSI CISOs and CTOs, with post-quantum cryptography (PQC) readiness at an average of only 2.4 out of 5, indicating insufficient preparation. According to the study, 57.5% of those surveyed said they anticipate quantum computing to become a substantial threat within three years. This is even as phishing attacks (65%), DDoS attacks (47.5%), and social engineering (40%) have already emerged as the most frequent threats over the past year."The analysis demonstrates how technological and telecommunications progress has transformed cybersecurity risks. Whilst quantum computing presents opportunities, it threatens existing Public Key Cryptography (PKC) algorithms," the study said. Quantum computing uses principles of quantum mechanics to tackle complex computational challenges. Unlike traditional computers that use binary bits, quantum computers leverage quantum physics principles such as superposition, tunnelling, entanglement, and research paper, which examined crucial vulnerabilities and inadequate preparedness for PQC implementation amongst BFSI CISOs and CTOs, has mooted a PQC migration framework for the BFSI sector that ensures minimal infrastructure disruption, straightforward deployment, and future-ready architecture. It has recommended swift PQC adoption, govt-led guidelines establishment, quantum-resistant technology research funding, enhanced stakeholder cooperation, and improved cybersecurity education. It also stresses the importance of govt-established migration timelines and algorithm selection Manish Gangwar, executive director, IIDS, said the report helps understand and address the unique challenges that quantum computing poses to the BFSI sector in India by highlighting vulnerabilities and providing a framework for PQC migration to empower organisations to proactively safeguard data and maintain trust in the digital age.
