Post Quantum Support in the Cryptographic Security Platform Vault for Cryptographic APIs
Beginning in version 10.5.1, we offer the following Post Quantum (PQ) features in the Cryptographic Security Platform Vault for Cryptographic APIs, both with and without an HSM:
- PQ object creation: You can create the following objects that are considered PQ-safe.
  - ML-DSA
  - SLH-DSA
- PQ operations: The following operations are considered PQ-safe:
  - Sign (ML-DSA, SLH-DSA)
  - Verify (ML-DSA, SLH-DSA)
- Import from HSM to Cryptographic Security Platform Vault for Cryptographic APIs: You can import the public part of PQ keys from your HSM to the Cryptographic Security Platform Vault for Cryptographic APIs. This allows the Cryptographic Security Platform Vault for Cryptographic APIs to verify the PQ signature.
Note: Currently, the channel between the client and the Cryptographic Security Platform Vault for Cryptographic APIs does not use PQ-TLS. This means the channel is still vulnerable to a "harvest now, decrypt later" attack.