< ciso
brief />
Tag Banner

All news with #post quantum cryptography tag

118 articles · page 2 of 6

AWS Leverages Nitro, Crypto, and S3 Lessons for AI/Quantum

🔒AWS says long-standing infrastructure and cryptographic choices position it to address emerging AI and quantum threats. The company highlights the Nitro hardware platform — enabled by a 2015 semiconductor acquisition and deployed from 2017 — to provide strong isolation, confidential compute, and a 'zero humans' maintenance model. By favoring symmetric cryptography in KMS (launched 2013) and adding S3 controls like an 'active defense' that returns 'Bucket not found', AWS argues most customer data will not require immediate mass re-encryption while it pursues public-certificate post-quantum authentication by 2028–2029.
read more →

AWS Secrets Manager Enables Hybrid Post-Quantum TLS

🔐 AWS Secrets Manager now prefers hybrid post-quantum TLS (ML‑KEM) for supported clients to reduce harvest-now, decrypt-later risk. Customers using the listed clients and SDK versions can get ML‑KEM key exchange without code changes; secrets at rest remain encrypted with AWS KMS and symmetric algorithms are considered quantum-resistant. Verify client negotiation via CloudTrail tlsDetails.keyExchange == X25519MLKEM768 and check SDK/OpenSSL requirements (for example, OpenSSL 3.5+ for Python). CRYSTALS‑Kyber support is being phased out in 2026, so upgrades are recommended to avoid fallback to traditional TLS.
read more →

Fortinet 2025 Sustainability Report: Security and Impact

🔒 Fortinet released its 2025 Sustainability Report, outlining progress in securing the digital world, reducing environmental impact, expanding cybersecurity education, and strengthening governance. The company expanded AI-driven threat protection across its portfolio and introduced quantum-safe capabilities in FortiOS. It also improved product energy efficiency—up to a 62% reduction for select models—and has trained over 914,800 people toward its 1M goal.
read more →

Kyber Ransomware Uses Kyber1024 Post-Quantum on Windows

🔒 Rapid7 analyzed two Kyber ransomware variants discovered in March 2026 that were deployed on the same network: one targeting VMware ESXi and one targeting Windows file servers. The ESXi build advertises post‑quantum Kyber1024 but instead uses ChaCha8 for file encryption and RSA‑4096 for key wrapping. The Windows variant, written in Rust, implements Kyber1024 and X25519 to protect symmetric keys while using AES‑CTR for bulk file encryption, and includes destructive routines such as service termination, backup deletion and an experimental Hyper‑V shutdown.
read more →

Building a Cryptographic Inventory for Quantum Readiness

🔐 Post-quantum cryptography is imminent, and Microsoft emphasizes that the biggest challenge is locating every use of cryptography across applications, devices, networks, and services. Building a comprehensive, ongoing cryptographic inventory enables risk-based decisions, crypto agility, and regulatory compliance. The article outlines a practical Cryptography Posture Management lifecycle and recommends Microsoft tools—GitHub Advanced Security, Defender suites, Azure Key Vault—and partner integrations to discover, normalize, assess, prioritize, and remediate cryptographic risks.
read more →

AWS Secrets Manager Adds Hybrid Post‑Quantum TLS Support

🔐 AWS Secrets Manager now supports hybrid post-quantum TLS key exchange using ML-KEM (a module-lattice-based KEM) to secure secret retrieval. The capability is automatically enabled in Secrets Manager Agent (v2.0.0+), Lambda Extension (v19+), and Secrets Manager CSI Driver (v2.0.0+); supported SDKs include Rust, Go, Node.js, Kotlin, Python (OpenSSL 3.5+), and Java v2 (v2.35.11+). No code or configuration changes are required for up-to-date clients except Java v2. You can verify hybrid key exchange in CloudTrail GetSecretValue events by checking the tlsDetails field for the X25519MLKEM768 algorithm.
read more →

World Quantum Day 2026: Preparing for PQC Migration

🛡️ Quantum computing is moving from theoretical risk to an imminent threat that undermines current cryptographic protections. Advances in algorithms and reduced qubit requirements mean timelines once measured in decades are now years, prompting Gartner in late 2025 to elevate Post-Quantum Cryptography migration to a board-level priority ahead of 2030. Organizations must inventory sensitive assets, prioritize store-now-decrypt-later risks, and begin crypto-agility planning immediately.
read more →

Cloudflare Actively Adjusts Post-Quantum Priorities

🔐 Cloudflare says it is “actively adjusting” its post-quantum cryptography priorities after Google moved its PQC migration deadline up to 2029, citing algorithmic advances. The company reports that more than half of its traffic is already protected against harvest-now/decrypt-later using ML-KEM (a PQC standard ratified in 2024), and plans to deploy post-quantum certificates in 2027 to guard against active attacks. Bas Westerbaan noted Google demonstrated a breakthrough with a zero-knowledge proof while withholding key details.
read more →

Cloudflare Targets Full Post-Quantum Security by 2029

🔒 Cloudflare is accelerating its post-quantum roadmap and now targets 2029 to achieve full post-quantum security, explicitly including post-quantum authentication. The company already enabled post-quantum encryption for the majority of human traffic to mitigate harvest-now/decrypt-later risks, but new algorithmic and hardware advances (notably Google’s reported speedups and Oratomic’s neutral-atom estimates) make authentication the urgent priority. Cloudflare will enable PQ defaults for customers at no extra cost.
read more →

FortiOS 8.0: Unified Security for AI and Quantum Era

🔒 FortiOS 8.0 delivers a unified operating system to simplify security and networking across hybrid, multi-cloud, and IT/OT environments. The release consolidates controls through the Fortinet Security Fabric and adds features such as SASE Outpost, Sovereign SASE, unified SD‑WAN, and multipath IPsec for resilient connectivity. It also extends OT support and compliance with standards like NERC CIP and IEC 62443. Key risk-focused updates include MCP observability, image OCR in FortiGuard DLP, agentic AI automation, and FIPS 204/205 hybrid cryptography to mitigate quantum risk.
read more →

Google Aims to Shift to Post-Quantum Cryptography by 2029

🔒 Google announced a plan to complete a transition to post-quantum cryptography across its services by 2029. Security expert Bruce Schneier welcomes the decision, arguing the primary benefit is improved crypto-agility rather than an imminent quantum threat. The timeline allows Google to test implementations, assess performance and interoperability impacts, and coordinate with evolving standards. Early adoption can reduce the risk of retrospective decryption and signals leadership that may accelerate broader industry migration.
read more →

Turing Award Honors Inventors of Quantum Cryptography

🔬 Charles Bennett and Gilles Brassard have been awarded the 2026 Turing Award for inventing quantum cryptography. Bruce Schneier welcomes the recognition but reiterates his view that, while scientifically impressive, the technology is largely unnecessary for most practical security problems. In a 2008 essay, he argued that quantum key exchange doesn’t address the usual weak points of systems and that effort is better spent on system-level security and crypto agility.
read more →

Google Warns: Quantum Threat to Encryption by 2029

🔒 Google warns that advances in quantum computing could render widely used public-key cryptography vulnerable as early as 2029, increasing the risk of store-now-decrypt-later attacks. The company points to progress in quantum hardware, error correction and factoring resource estimates that compress migration timelines. To reduce exposure, Google will include post-quantum digital signature protection in Android 17, aligned with NIST recommendations. It urges organizations to treat post-quantum cryptography migration as an immediate operational priority rather than a distant compliance task.
read more →

Google Accelerates Post-Quantum Migration Deadline to 2029

🔒Google announced it is accelerating its post-quantum cryptography migration, setting 2029 as the new target to phase out quantum-vulnerable algorithms and prioritizing PQC for authentication services. The company cites rapid improvements in quantum hardware, error correction and algorithmic estimates that drastically reduce the qubit requirements to break common asymmetric encryption. Google urged other engineering teams and hyperscalers to follow suit, warning that adversaries may already be collecting encrypted data for future decryption.
read more →

ThreatsDay Bulletin: PQC Push, AI Bugs, Pirated Backdoors

🔔 This week’s ThreatsDay Bulletin captures a quieter, sneakier cadence: big-picture progress on cryptography and AI set against a steady churn of pragmatic abuse. Google accelerated a PQC migration to 2029 and GitHub is bringing AI-powered detections into the PR workflow, while threat actors keep innovating around trust — using pirated ISOs, fake extensions, firmware implants and clever phishing to scale backdoors, credential theft and fraud. The common thread is operational efficiency: takedowns and disruptions are temporary, but the workflows keep returning.
read more →

Android 17 Adopts NIST Post-Quantum Standards Platform

🔒 Google is introducing post-quantum cryptography support in Android 17, integrating NIST’s lattice-based standards into boot, keystore, and app signing to establish a quantum-resistant chain of trust. The release adds ML-DSA to Android Verified Boot and migrates KeyMint certificate chains and Remote Attestation toward PQC compliance. Developers gain native support for ML-DSA-65 and ML-DSA-87 via the KeyPairGenerator API, and Google Play will offer hybrid APK signing with keys managed by Google Cloud KMS to preserve compatibility during migration.
read more →

Google Sets 2029 Timeline for Post-Quantum Migration

🔐 Google announces a company-wide timeline targeting 2029 for migration to post-quantum cryptography (PQC) to protect against future quantum threats. The timeline reflects advances in quantum hardware, error correction, and factoring estimates, and prioritizes PQC for authentication services to guard digital signatures. Google cites ongoing integrations — including Android 17 using ML-DSA, Chrome support, and Cloud offerings — as concrete commitments and urges other teams and organizations to accelerate their own migrations.
read more →

Cryptographic Reset: Operational Shifts in Trust Now

🔐 The cryptographic foundation of the internet is undergoing a rapid operational reset driven by shorter certificate lifecycles and the transition to quantum-resistant algorithms. The CA/Browser Forum reduced public TLS validity to 200 days on March 15, 2026, with further reductions planned to 100 days in 2027 and 47 days by 2029, dramatically increasing renewal velocity. Manual certificate processes and spreadsheets will not scale; organizations need network-native discovery, continuous certificate visibility, and fully automated lifecycle management. Palo Alto Networks' Next-Generation Trust Security brings certificate lifecycle controls into the network to automate discovery, renewal, deployment and governance.
read more →

Post-Quantum Roadmap for US Enterprises Targeting 2030

🔒 US organizations should begin operationalizing post-quantum cryptography now to protect long-lived secrets and meet an emerging 2030 readiness horizon. With NIST finalizing initial PQC standards in 2024 and agencies like NSA and CISA aligning guidance, a pragmatic hybrid strategy—pairing existing classical algorithms (ECDHE/TLS) with post-quantum primitives such as ML-KEM—reduces long-term confidentiality risk while preserving interoperability. Start with a comprehensive crypto inventory tied to data value, pilot internal mTLS, VPN and code-signing migrations in a lab, improve crypto agility, add telemetry for rollout metrics, and add PQC requirements into procurement to buy time and avoid last-minute disruption.
read more →

China Plans National Post‑Quantum Cryptography Standards

🔒China is planning to develop national post-quantum cryptography standards within three years, prioritizing finance and energy for early migration. Chinese experts say they favor structureless lattice algorithms over the algebraic lattice designs adopted elsewhere, arguing better long-term security. Organizations should begin hybrid deployments now to reduce 'harvest now, decrypt later' risk and to maintain flexibility for future compliance.
read more →