In this post we will go deeper into the advantages and features of these devices.
Quantum computers are evolving, and experts warn that in a few years, they might become so advanced that they will be able to decrypt information that has been encrypted with currently used algorithms. IT security and cryptography experts are working on solutions to prevent possible future data leakages caused by this issue. Some of the algorithms are already quantum-resistant (also called quantum-safe or post-quantum) and experts are advising everyone to use these future-proof methods.
Lawmakers around the world are already starting to recognize the importance of this issue and work on the solutions. For example, the USA has issued a memorandum recently for the National Security Agency to lay down the foundation for using post-quantum cryptography (PQC) for state matters, and similar laws have been passed in many countries, among others in Hungary.
We have put a high emphasis on the matter from the beginning and i4p was the first to use a quantum-resistant digital signature algorithm in a physical HSM already in 2019.
As another important milestone, Trident HSM is now capable of using quantum key distribution (QKD) devices to ensure safe yet simple key distribution, according to the standards of the European Telecommunications Standards Institute. Quantum key distribution is a cryptographic technique that uses quantum-mechanics to guarantee the secure transmission of information. Quantum key distribution is used to generate a shared key between two parties so they can encrypt and decrypt data, without the information being intercepted by a third party unnoticed.
To cover all aspects of a practical quantum safe encryption system, Trident HSM also features a new quantum safe key encapsulation mechanism (KEM) from now on. The key encapsulation mechanism Trident HSM is using is a cryptographic technique that uses a quantum-safe algorithm to distribute a secret, a one-time usable symmetric key, for example. This symmetric key, distributed in a quantum-safe manner can in turn be used in encrypting large chunks of data or data stream by communicating IT systems.
With these two new enhancements, Trident HSM can play a vital role in any post quantum encryption services to be built around the world. The keys can be generated on-board or by using QKD devices, can be distributed using its inbuilt post-quantum key encapsulation mechanism or QKD devices, and then used in the Trident HSMs that provide the highest level of security due to another unique feature of ours, the so-called Multi-Party Computation.
More details to come soon, stay tuned!
Google has made it possible for users to use a client-side encryption function in the Workspace. However, you must ensure that you store the encryption keys in a proper and secure manner.
Download this ebook to find out: