- Google Cloud now offers PQC algorithms for digital signatures
- The move comes as part of Google Cloud quantum-safe roadmap
- The feature is available in preview now, with more PQC changes to come
Google Cloud has taken an additional step to secure its platform from the threat posed by quantum computing to public-key cryptography by announcing the availability of quantum-safe digital signatures in preview in the Google Cloud Key Management Service (KMS).
Theoretically, quantum computers will be able to crack most modern encryption algorithms in a matter of hours, but the viability of such a system is still at least a decade away by most expert estimates.
This does present threats today, however, with cybercriminals stealing vulnerable encrypted data today in order to decrypt it when ‘Q-Day’, or the day when the availability of cryptographically-relevant quantum computers arrives. This has necessitated the development of post-quantum cryptography (PQC) to secure data against ‘harvest-now-decrypt-later’ attacks.
Securing the future of digital signatures
Quantum-safe digital signatures are just one step in Google Cloud’s roadmap towards a fully PQC platform.
For digital signatures specifically, quantum brings the threat of forgery and tampering, with Google Cloud highlighting that working to resolve these threats now will help build a more resilient infrastructure and inspire other platforms to do the same.
Google Cloud has also revealed in the announcement that to help enforce transparency and code-auditability, the quantum-related software implementations will be available as part of Google’s open-source cryptographic libraries BoringCrypto and Tink.
This update to digital signatures specifically implements the ML-DSA-65 and SLH-DSA-SHA2-128S PQC algorithms in line with NIST standards. Google Cloud will also be implementing new PQC algorithms and techniques into its Hardware Security Modules (HSM).
Google Cloud customers will be able to use the latest PQC algorithms in Cloud KMS and provide feedback on their implementation, and suggestions on other specific cryptographic requirements. Essentially, the use of Cloud KMS’s latest algorithms acts as a testbed for building and expanding the availability of PQC across the Google Cloud platform.
You might also like
- These are the best encrypted messaging app
- Take a look at our guide to the best password manager
- Microsoft set to rival Google, IBM with first-of-its-kind quantum chip with topological core architecture
