All news with #post quantum cryptography tag

🔐 The cryptographic foundation of the internet is undergoing a rapid operational reset driven by shorter certificate lifecycles and the transition to quantum-resistant algorithms. The CA/Browser Forum reduced public TLS validity to 200 days on March 15, 2026, with further reductions planned to 100 days in 2027 and 47 days by 2029, dramatically increasing renewal velocity. Manual certificate processes and spreadsheets will not scale; organizations need network-native discovery, continuous certificate visibility, and fully automated lifecycle management. Palo Alto Networks' Next-Generation Trust Security brings certificate lifecycle controls into the network to automate discovery, renewal, deployment and governance.

🔒 US organizations should begin operationalizing post-quantum cryptography now to protect long-lived secrets and meet an emerging 2030 readiness horizon. With NIST finalizing initial PQC standards in 2024 and agencies like NSA and CISA aligning guidance, a pragmatic hybrid strategy—pairing existing classical algorithms (ECDHE/TLS) with post-quantum primitives such as ML-KEM—reduces long-term confidentiality risk while preserving interoperability. Start with a comprehensive crypto inventory tied to data value, pilot internal mTLS, VPN and code-signing migrations in a lab, improve crypto agility, add telemetry for rollout metrics, and add PQC requirements into procurement to buy time and avoid last-minute disruption.

🔒China is planning to develop national post-quantum cryptography standards within three years, prioritizing finance and energy for early migration. Chinese experts say they favor structureless lattice algorithms over the algebraic lattice designs adopted elsewhere, arguing better long-term security. Organizations should begin hybrid deployments now to reduce 'harvest now, decrypt later' risk and to maintain flexibility for future compliance.

🔬 The author expresses skepticism and notes they are not qualified to fully evaluate a newly announced claim of improved quantum factoring. If validated, the finding would represent a theoretical improvement in the speed of factoring large integers with a quantum computer. The post emphasizes that the result is currently unverified and that practical consequences for deployed cryptography remain uncertain. Further expert review, replication, and analysis are necessary to determine any real-world impact.

🎤 Infosecurity Europe 2026 has revealed a major keynote programme for its 2–4 June event at ExCeL London, featuring industry founders, former intelligence leaders and elite-sport figures. Shlomo Kramer and Cynthia Kaiser headline Tuesday with sessions on technology trends and the ransomware economy, respectively, while Jason Fox will open Thursday with a resilience and decision-making keynote. Technical talks will address AI-driven cloud threats and preparations for post-quantum cryptography.

🔐 AWS Identity and Access Management (IAM) Roles Anywhere now supports the FIPS 204 Module-Lattice Digital Signature Standard (ML-DSA), a NIST-standardized, quantum-resistant digital signature algorithm. Customers can register ML-DSA-signed CA certificates as IAM Roles Anywhere trust anchors or reference AWS Private Certificate Authority instances, and issue end-entity X.509 certificates bound to ML-DSA keys. The capability is available in all Regions where IAM Roles Anywhere operates, including AWS GovCloud (US), the AWS European Sovereign Cloud (Germany), and China Regions.

🔐 Security vendors are reframing post-quantum cryptography (PQC) from a theoretical concern into an operational priority, emphasizing discovery, inventory, and crypto-agility across enterprise environments. Companies such as Palo Alto Networks, Cisco, and Cloudflare are packaging visibility, assessment, and compensating-controls while specialist firms like SandboxAQ deliver continuous monitoring via AQtive Guard. With NIST standards finalized and a 2030 readiness horizon, vendors stress phased migration and prioritization for long-lived sensitive data. The market is competitive as providers position to guide enterprises through complex modernization and legacy constraints.

⚔️ The White House released a concise seven-page cybersecurity strategy developed by the Office of the National Cyber Director that places offensive cyber operations at the center of U.S. policy while also pushing deregulation and accelerated AI adoption. It articulates six implementation pillars including shaping adversary behavior, modernizing federal networks with AI and zero-trust, securing critical infrastructure, and building workforce capacity. Industry responses were broadly positive from vendors emphasizing AI and quantum-safe security, but defenders warn the emphasis on proactive offense and deregulatory moves could raise escalation and resilience concerns.

🔐 The U.S. National Cyber Strategy offers a clear, action-oriented agenda to protect the digital way of life by emphasizing disruption of hostile actors, streamlined regulation, federal network modernization, and the security of AI and quantum technologies. Palo Alto Networks endorses the strategy and highlights practical measures—such as reciprocity for government software certifications, a four-stage quantum-safe framework, and its Secure AI by Design Policy Roadmap—to help operationalize these priorities through public–private collaboration.

🔒 Security leaders face a growing threat from harvest now, decrypt later attacks as quantum computing progresses. A webinar will outline practical steps—identify long-term sensitive data, map encryption use, and adopt hybrid cryptography such as ML-KEM alongside existing algorithms—to begin transitioning without operational disruption. The session also covers post-quantum traffic inspection and Zero Trust integration to maintain policy enforcement at scale.

🛡️ The Global Coalition on Telecoms (GCOT) has released voluntary 6G Security and Resilience Principles to guide the early development of next-generation mobile networks. Founded by Australia, Canada, Japan, the UK and the US, and joined by Finland and Sweden at Mobile World Congress 2026, the framework was published with industry partners including AT&T, Ericsson, NVIDIA and Nokia. The guidelines define four security and four resilience objectives—covering containment, confidentiality, integrity, resilience and regulatory compliance—to inform standards, supply-chain practices and network architectures ahead of anticipated 6G rollouts in 2029–2030.

🔐 Google is developing Merkle Tree Certificates (MTCs) in Chrome to make HTTPS certificates resilient to future quantum attacks while avoiding the bandwidth cost of adding post‑quantum algorithms to traditional X.509 chains. Working with Cloudflare and the PLANTS working group, Chrome proposes a model where a CA signs a single tree head and browsers receive lightweight proofs of inclusion. Google is running a feasibility study (Phase 1), plans to invite compatible Certificate Transparency logs in Q1 2027 (Phase 2), and aims to finalize requirements and launch a Chrome Quantum‑resistant Root Store (CQRS) and MTC-only root program by Q3 2027.

🔐 Chrome has launched an initiative to protect HTTPS from future quantum threats by redesigning certificate mechanics with Merkle Tree Certificates (MTCs). Rather than enlarging X.509 certificates, MTCs use compact Merkle proofs and a single signed tree head to authenticate sites, reducing TLS handshake data and embedding transparency into issuance. Chrome is testing MTCs with Cloudflare and plans a phased rollout through 2027.

🔐 Chrome announces a staged program to support quantum-resistant HTTPS by adopting Merkle Tree Certificates (MTCs), which replace long X.509 signature chains with compact Merkle inclusion proofs. The approach reduces bandwidth costs and decouples cryptographic strength from transmitted size, preserving TLS performance. Chrome is testing MTCs with Cloudflare and plans phased deployment with a new Chrome Quantum-resistant Root Store.

🔐 Cloudflare Radar is adding three security-focused datasets and tools: origin-facing post-quantum (PQ) monitoring, a Key Transparency dashboard for E2EE messaging logs, and enhanced RPKI ASPA adoption tracking. The origin feature reports support for X25519MLKEM768 using an automated TLS scanner and provides an on-demand hostname tester that performs real TLS handshakes via Cloudflare Containers. Key Transparency publishes auditor verification status and APIs for independent proof checks, while routing pages gain global, country, and per-AS ASPA views together with API access for integrations.

🔐 The article warns that patient adversaries follow a "Harvest Now, Decrypt Later" strategy and urges organizations to begin Post-Quantum Cryptography (PQC) migration immediately to protect long-lived data. It prescribes a five-phase migration framework—Preparation, Diagnosis, Planning, Execution, and Continuous Monitoring—and recommends hybrid deployments to retain compatibility. Practical guidance covers asset inventories, risk prioritization (Mosca's Theorem), vendor engagement, and adopting cryptographic agility with references to ML-KEM, TLS, and NIST/CISA guidance.

🔐 Cloudflare One is the first SASE platform to deliver standards-compliant post-quantum encryption across Secure Web Gateway, Zero Trust, and WAN services. It implements hybrid ML-KEM across TLS, MASQUE and IPsec on- and off-ramps and upgraded the Cloudflare One Appliance (v2026.2.0 GA). Cloudflare IPsec support for hybrid ML-KEM is in closed beta—contact pq-wan@cloudflare.com for access.

🧭In 2026 cybersecurity shifts from episodic defense to continuous operational resilience. Regulation, geopolitics and AI now shape architecture and controls, forcing cryptographic agility, continuous Zero Trust decisioning and lifecycle security across cloud and supply chains. Organizations must make attacker intelligence unreliable through deception, Automated Moving Target Defense and Continuous Threat Exposure Management while embedding AI into detection, response and governance.

🔒 At the 62nd Munich Security Conference, Kent Walker (President, Google & Alphabet) argued that fragmented defenses are inadequate against AI-accelerated cyber threats and the near-term risk from cryptographically relevant quantum computing. Google highlighted GTI findings that adversaries are automating reconnaissance and producing hyper-realistic phishing, and showcased the Ukrainian startup LetsData, which uses AI to scan multilingual media and detect InfoOps at scale. To scale defender advantages, Google launched the Gemini Startup Forum: Cybersecurity and promotes deployment options such as Google Distributed Cloud Air-Gapped for sovereign, secure use of its infrastructure. Walker urged governments, industry, and vendors to adopt a full-stack, collaborative approach—breaking silos and modernizing procurement—to build shared digital resilience.

🔒 The Federal Office for Information Security (BSI) has updated its technical guideline TR-02102, establishing concrete deadlines to end the sole use of classical asymmetric encryption: from 2031 generally and for high-security systems from the end of 2030. The guideline mandates hybrid configurations that combine traditional algorithms with post-quantum cryptography and schedules deprecation of conventional signature algorithms for sole use by 2035. TR-02102 is divided into parts addressing algorithm/key guidance, TLS, IPsec/IKEv2, and SSH, and is a reference for developers and mandatory for certain classified-product deployments.