The ISARA Radiate™ Security Solution Suite 1.4 includes a complete set of stateful hash-based signature options and their implementation on a Hardware Security Module (HSM).
WATERLOO, Ontario (March 27, 2018) – ISARA Corporation, the leading provider of security solutions for the quantum computing age, today announced the release of the ISARA Radiate™ Security Solution Suite 1.4 to further extend its quantum-safe toolkit to include both stateful hash-based signature options, and includes an HSM-based implementation successfully tested with Utimaco Inc.’s SecurityServer.
The addition of eXtended Merkle Signature Scheme (XMSS) upgrades Radiate with complete coverage of stateful hash-based signature options – algorithms that can be used immediately to mitigate real threats. These algorithms are particularly valuable in “roots of trust” applications for durable products like automobiles that are being designed today but will be in use well into the quantum era.
“Most of the conversation related to the quantum threat to current public key cryptography has been around protecting information from harvest-and-decrypt attacks by a quantum-enabled adversary,” said ISARA Chief Technology Officer Mike Brown. “There is another aspect of the quantum threat that is not getting enough attention – roots of trust in long-lived devices, like the ones used in critical infrastructure or vehicles. These types of long-lived devices that are being sold today are expected to be able to receive authentic software updates well after the arrival of a cryptographically significant quantum computer. Replacing the roots of trust in already deployed devices is often logistically impossible or financially prohibitive. Radiate helps solve that dilemma.”
While stateful hash-based signatures such as XMSS and Leighton-Micali Scheme (LMS) generally perform better than elliptic curves, they have one drawback – a large private key with a state that needs to be managed after every signing operation. As part of the ISARA Radiate 1.4 release, ISARA used Utimaco SecurityServer to create an HSM-friendly implementation of LMS and XMSS that enables the embedding of hash-based roots of trust today to send software updates signed using these quantum-safe schemes tomorrow.
“Stateful hash-based signatures, like LMS and XMSS, can be used today for quantum-safe code signing or certificate signing,” said Utimaco Chief Technology Officer Thorsten Groetker. “They are based on mathematics that is well understood, which enables users to accelerate implementation without worrying about conflicting standards. The National Institute of Standards and Technology (NIST) will not be reviewing these stateful hash-based signatures as part of the post-quantum algorithm evaluation because they are already trusted today to be used for operations like code signing.”
About ISARA Corporation
ISARA is a cybersecurity company specializing in creating production-ready quantum-safe cryptography solutions that can be embedded into commercial products today to secure data now and in the future. As a commercial solution provider within a rich academic and research ecosystem, ISARA is part of a collaborative effort to raise awareness of quantum threats, and design and implement quantum-safe solutions that will work globally. For more information, visit www.isara.com or follow @ISARACorp on Twitter.
About Utimaco Inc.
Utimaco is a worldwide supplier of professional cybersecurity solutions. Since 1983, Utimaco has been developing hardware-based, high-security appliances (Hardware Security Modules). Today, Utimaco is a world-market leader in this segment. Customers and partners of Utimaco in all parts of the world trust the company’s long-term, proven reliability and investment protection, as well as its many certified IT security standards. Utimaco stands for recognized product quality, user-friendly software, excellent support and trusted high security — made in Germany. For more information, visit https://hsm.utimaco.com/.