The PKI Consortium is managing a PQC Capabilities Matrix (PQCCM) of software applications, libraries and hardware that includes support for Post Quantum Cryptography, without endorsing their implementation or quality.
The list includes a wide variety of software applications, libraries, and hardware from different vendors. The list should be considered a living document and a starting point. Considering the rapid change in the area such things can vary from day to day and complete freshness of information can only be gathered from vendors directly.
The PKI Consortium is actively working to promote the adoption of Post-Quantum Cryptography, and the capabilities matrix is a key part of that effort.
What the PQCCM do:
- collect and aggregate information on PQC capabilities across the cybersecurity landspace (vendors, software, hardware, etc..)
What the PQCCM doesn't do:
- review, vet, verify or test implementations or interoperability
- source code review, formal review of algorithms, etc.
- provide information, documentation or any recommended usage of Post Quantum Cryptography
No other activity besides what is listed under PQCCM DOs is under the purview of PKI Consortium (unless explicitly stated otherwise)".
The table lists information from vendors related to support for Post Quantum Cryptography.
| Vendor | Product | Category | Last updated | Composite certificates | Hybrid certificates | LMS | XMSS | Falcon | Dilithium | SPHINCS+ | Kyber | BIKE | McEliece | HQC |
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Securosys | Primus | HSM | 2022-11-28 | 🕐 | 🕐 | ❌ | ❌ | ❌ | 🕐 | 🕐 | 🕐 | ❌ | ❌ | ❌ |
| Utimaco | Q-Safe | HSM | 2022-11-28 | ❌ | ❌ | ✔️ | ✔️ | ❌ | ✔️ | ❌ | ✔️ | ❌ | ❌ | ❌ |
| Utimaco | u.trust Identify | PKI | 2022-11-28 | ✔️ | ❌ | ❌ | ❌ | ✔️ | ✔️ | ✔️ | ❌ | ❌ | ❌ | ❌ |
| Thales | Luna | HSM | 2022-11-22 | ❌ | ❌ | ✔️ | ✔️ | ❌ | ✔️ | ❌ | ✔️ | ❌ | ❌ | ❌ |
| Entrust | nShield | HSM | 2022-11-22 | ❌ | ❌ | ❌ | ❌ | ✔️ | ✔️ | ✔️ | ❌ | ❌ | ❌ | ❌ |
| Entrust | PKIaaS | PKI | 2022-11-22 | ✔️ | ❌ | ❌ | ❌ | ✔️ | ✔️ | ✔️ | ❌ | ❌ | ❌ | ❌ |
| Bouncy Castle | BC | Software library | 2022-11-22 | ✔️ | ❌ | ✔️ | ✔️ | ✔️ | ✔️ | ✔️ | ✔️ | ✔️ | ✔️ | ✔️ |
| Keyfactor | SignServer | Signing Software | 2022-11-22 | ❌ | ❌ | ❌ | ❌ | ❌ | 🕐 | ✔️ | ❌ | ❌ | ❌ | ❌ |
| Keyfactor | EJBCA | PKI | 2022-11-22 | ❌ | ❌ | ❌ | ❌ | ✔️ | 🕐 | ❌ | ❌ | ❌ | ❌ | ❌ |
| Fortanix | FX2200 | HSM | 2022-11-29 | ❌ | ❌ | ✔️ | ❌ | 🕐 | 🕐 | 🕐 | ❌ | ❌ | ❌ | ❌ |
| Open Quantum Safe | liboqs | Software library | 2022-11-30 | ❌ | ❌ | ❌ | ❌ | ✔️ | ✔️ | ✔️ | ✔️ | ✔️ | ✔️ | ✔️ |
NOTE: HSS and XMSSMT are the multi tree variants of LMS and XMSS.
Primus HSM (https://www.securosys.com/en/products/primus-hardware-security-modules-hsm) manufactured by https://www.securosys.com/en/. The listed features are based on the roadmap for 2023 and are subject to change depending on market demand and industry research.
uTrust Identify and Q-Safe firmware extension. Software simulator availabe, Dilithium in process of updated to round 3 version
Functional module for Luna. Need functional modules enabled.
Java and C# APIs with all NIST candidate support, and some older ones. Available as open source software. All NIST candidated available in Java from version 1.72 and C# from version 2.0.0.
The Bouncy Castle for kotlin open source package provides a script/command line interface for generating certificate chains with different algorithms.
nShield
The Entrust nShield Post-Quantum SDK enables post-quantum cryptographic applications for nShield HSMs with the CodeSafe SDK. https://www.entrust.com/-/media/documentation/datasheets/entrust-pqc-option-pack-ds.pdf
PKIaaS
The Entrust PKI as a Service (PKIaaS) for Post-Quantum Beta Program supports all three algorithms selected in round 3 of the NIST competition and can provide composite and pure quantum CA hierarchies. https://www.entrust.com/digital-security/certificate-solutions/products/pki/managed-services/pki-as-a-service
SignServer
SignServer performs server side signing and is capable of Post-Quantum signatures on CMS (RFC5662) messages. Available as open source software from SignServer Community v5.9.1.
EJBCA
EJBCA PKI software can issue X.509 certificates supporting Post-Quantum algorithms. Available for private test.
Fortanix DSM has LMS support, and NIST candidate signature algorithms on the roadmap for first half of 2023. See Algorithm Support
OQS is an open source software library that implements PQC algorithms, as well as integrations such as into OpenSSL.
The following table contains references to the PQC capabilities and algorithms.
| Algorithm | Reference |
|---|---|
| Composite certificates | https://datatracker.ietf.org/doc/draft-ounsworth-pq-composite-keys/ |
| Hybrid certificates | https://datatracker.ietf.org/doc/html/draft-truskovsky-lamps-pq-hybrid-x509-01 |
| LMS | https://www.rfc-editor.org/rfc/rfc8708.html |
| XMSS | https://datatracker.ietf.org/doc/html/rfc8391 |
| Falcon | https://falcon-sign.info |
| Dilithium | https://pq-crystals.org/dilithium/resources.shtml |
| SPHINCS+ | https://sphincs.org |
| Kyber | https://pq-crystals.org/kyber/index.shtml |
| BIKE | https://bikesuite.org |
| McEliece | https://classic.mceliece.org |
| HQC | https://pqc-hqc.org |
| NIST Recommendation for Stateful Hash-Based Signature Schemes | SP800-208 |