ISARA makes four digital certificate patents publicly available to boost quantum security
ISARA revealed that it is dedicating the intellectual property behind its ISARA Catalyst Agile Digital Certificate Methodology — including four patents — to the public.
Industry leaders, including Crypto4A, DigiCert, Entrust, ISARA, Keyfactor, PKI Solutions, Sectigo, and Venafi, are among those who promote secure, crypto-agile solutions to ease the quantum computing migration path for organizations.
Hybrid certificates, an important component of ISARA’s Catalyst methodology, enable organizations to have a seamless, cost-effective, and simplified migration to quantum-safe security today to protect connected devices and the Internet of Things (IoT) — as well as complex public key infrastructures (PKIs) — with no impact to end users. These certificates support two or more cryptographic algorithms within a single certificate and can support both classic and quantum-safe public keys and signatures.
A hybrid certificate is a traditional X.509 digital certificate that has additional quantum-safe components encoded within it. One of the key characteristics of hybrid certificates is the ability to simultaneously support existing systems as well as those that have been upgraded to be quantum safe. When an organization starts to migrate its systems and applications to quantum-safe cryptography, they won’t need to support two separate PKIs — one for traditional certificates and one for quantum-safe certificates — since they will already have two-in-one hybrid certificates in place. This provides backward compatibility during the transition period to quantum.
Most of the cryptographic products, protocols, and services that businesses rely on every day need to be upgraded to become quantum safe. This requires an agile migration strategy that preserves compatibility with existing systems so that organizations can prioritize migrating their most critical systems first without negatively impacting the systems to be upgraded later.
Industry-wide support for crypto agility and crypto-agile certificates
“At ISARA, we believe an industry-wide, crypto-agile ecosystem is important to make it easier for organizations to implement quantum-safe solutions now and to help with the quantum migration,” said Atsushi Yamada, CEO at ISARA. “By making these four critical digital certificate patents available to the public, we are looking to grow the industry and increase crypto-agile implementation for more secure systems now and in the future.”
“As we enter the quantum age, we face the daunting task of migrating our existing and future systems to become quantum safe. Hybrid certificates provide a powerful, agile, and elegant methodology that greatly enhances our migration capabilities. I would like to thank ISARA on behalf of the cybersecurity community for dedicating this important technology to the public as together we ensure continued trust of our digital systems,” said Bruno Couillard, Co-Founder, CEO and CTO, Crypto4A.
“Crypto agility will be essential for surviving the transition to post-quantum algorithms. To ensure digital trust is maintained, the industry needs to work together and ISARA’s decision to remove a potential obstacle to rapid deployment of hybrid certificates is greatly appreciated. ISARA’s leadership will increase the accessibility of crypto agility and help companies prepare for a post-quantum world. DigiCert is proud to be working with ISARA to help companies and their users have confidence that their online interactions, transactions, and business processes are secure,” said Dr. Avesta Hojjati, VP of Research and Development, DigiCert.
“The timeline for post-quantum computing development is unclear, but once a quantum computer is able to break RSA and elliptic curve cryptography, the transition will be abrupt, and organizations need to start preparing now. As such, we’re delighted that ISARA has chosen to gift this methodology to the public,” said Greg Wetmore, VP Product Development at Entrust. “The industrial applications of public key cryptography are wide and diverse. The migration to post-quantum cryptography will need a set of tools equally diverse in order to meet a range of security and agility needs. We are pleased that Catalyst Hybrid Certificates will join the publicly available toolbox along with multiple certificates, and composite approaches to help organizations prepare for the transition to a post-quantum world.”
“The potential threat of quantum computers to computer security and secure communications is potentially the biggest existential threat our industry has faced to date. It’s on us to help ensure that the transition from conventional to post-quantum cryptography is as smooth as possible and hybrid certificates are a key part of that,” said Tomas Gustavsson, Chief PKI Officer, Keyfactor.
“The crucial importance of future-proofing identity and data encryption cannot be overstated,” said Mark B. Cooper, President & Founder, PKI Solutions. “Every single day, we address risks and misconfigurations in this industry. This hybrid methodology from ISARA is part of the much-needed evolution to a new secure cryptographic environment for organizations around the world.”
David Mahdi, Chief Strategy Officer, Sectigo, CISO Advisor and former Gartner Analyst commented, “We welcome this news from ISARA Corp. and concur that open standards and interoperability must be built at the heart of the modern cybersecurity tech stack. While the much touted ‘Quantum Apocalypse’ may seem like a distant problem to solve, governments and organizations of all sizes must begin preparing for the inevitability that our current cryptographic standards become obsolete. The ubiquity of cryptography in computer systems, including critical infrastructure cannot be ignored and so enabling organizations of all sizes to start their journeys to quantum readiness is vital to maintain the digital trust we all rely on now and in the future.”
“Venafi created the Machine Identity Management market and we’ve been consistently investing in innovation and open-source technology for years,” said Kevin Bocek, VP of Strategy and Threat Intelligence for Venafi. “Venafi sponsored both Crypto4A and ISARA to further the innovations that were important to enabling this open-source technology and we’re excited to see it become open to all. Our goal is to make it easy to be ready for the post-quantum world where today’s machine identities can’t be trusted.”
Crypto-agile patents dedicated to the public:
- US9660978
- US9794249
- WO2018027300
- JP6644894