Post Quantum Support in the Cryptographic Security Platform Vault for KMIP

Beginning in version 10.5.1, we now offer the following KMIP Post Quantum (PQ) features: 

• PQ object creation—You can create the following KMIP objects that are considered PQ-safe.

  • ML-KEM

  • ML-DSA

  • SLH-DSA

• PQ operations—The following KMIP operations are considered PQ-safe: 

  • Encapsulation (ML-KEM)

  • DecapSulation (ML-KEM)

  • Sign (ML-DSA, SLH-DSA)

  • Verify (ML-DSA, SLH-DSA)

Note: When the KMIP client supports OpenSSL 3.5.4, the channel between the KMIP client and the KMIP server uses PQ-TLS to protect data against harvest now, decrypt later.