Keyfactor’s EJBCA, SignServer updates empower customers with post-quantum readiness | IoT Now News & Reports

Keyfactor, a security solution for modern enterprises, has announced launch of two new product updates, EJBCA 8.0 and SignServer 6.0. The updates bring significant advancements in post-quantum readiness and Internet of Things (IoT) security as organisations seek safeguards against the rising possibility of cyberattacks brought on by developments in and growth of both technologies.

“Today, many organisations aren’t prepared for the transition to post-quantum cryptography. Whether they are ready or not, the new algorithms and standards are coming soon, and PKI (public key infrastructure) will need to adapt accordingly,” says Ted Shorter, chief technology officer, Keyfactor. “As a leader in PKI and cryptography management, we have put ourselves in front of this coming wave, and our mission is to lead our customers through their post-quantum transition. We’re committed to providing the tools and capabilities they need to establish and maintain digital trust in their ecosystem as their security needs evolve, including in their transition to post-quantum security and securing emerging IoT devices by design.”

New features with EJBCA 8.0 include:

• Post-quantum preparation: Support to start testing and evaluating new quantum-safe candidate algorithms for certificate issuance and certificate signing, including Dilithium and Falcon. The update allows companies to better prepare for the inevitable transition to post-quantum cryptography ahead of the National Institute of Standards and Technology (NIST) finalising standardisation in 2024.
• New IoT security capabilities: A new modular extension to EJBCA, plus support for the Matter Smart Home standard, extends the powerful capabilities already offered by Keyfactor today by making it even easier for manufacturers to deploy PKI on the factory floor, at the edge, or in operational technology (OT) environments, while supporting industry requirements.
• Agile SSH certificate issuance: A new SSH Certificate Authority (CA) type that helps organisations move towards a more agile and secure approach of establishing trusted connections with machines. Specifically, the update makes it possible for organisations to issue host and user SSH certificates, enhance security with the ability to issue short-lived SSH certificates, and replace static SSH keys and passwords that are hard to manage and vulnerable to theft or misuse.

Updates to Keyfactor’s SignServer 6.0 include:

• Post-quantum readiness: Supports code signing with post-quantum candidate algorithms, including Dilithium and SPHINCS+, in testing environments that will enable developers and product teams to run a proof-of-concept to sign their code, applications, or firmware.
• IoT security advancements: Introduces the ability to digitally sign firmware with multiple signatures. With the update, device manufacturers can sign software and firmware with multiple signatures to ensure compatibility with different devices while improving the security of devices. The update also allows for a seamless transition to post-quantum security for IoT devices, making it possible to sign firmware with production-ready algorithms today and post-quantum algorithms in the future.

To learn more about EJBCA, please visit here.

To learn more about SignServer, please visit here.

For resources related to preparing for post quantum, please visit Keyfactor’s PQC Lab here.

Comment on this article below or via Twitter: @IoTNow_OR @jcIoTnow