Google Cloud introduces quantum-safe digital signatures

News
By
published

Google Cloud digital signatures are now future-proof

The logo of Google Cloud
(Image credit: Future)
  • Google Cloud now offers PQC algorithms for digital signatures
  • The move comes as part of Google Cloud quantum-safe roadmap
  • The feature is available in preview now, with more PQC changes to come

Google Cloud has taken an additional step to secure its platform from the threat posed by quantum computing to public-key cryptography by announcing the availability of quantum-safe digital signatures in preview in the Google Cloud Key Management Service (KMS).

Theoretically, quantum computers will be able to crack most modern encryption algorithms in a matter of hours, but the viability of such a system is still at least a decade away by most expert estimates.

This does present threats today, however, with cybercriminals stealing vulnerable encrypted data today in order to decrypt it when ‘Q-Day’, or the day when the availability of cryptographically-relevant quantum computers arrives. This has necessitated the development of post-quantum cryptography (PQC) to secure data against ‘harvest-now-decrypt-later’ attacks.

Securing the future of digital signatures

Quantum-safe digital signatures are just one step in Google Cloud’s roadmap towards a fully PQC platform.

For digital signatures specifically, quantum brings the threat of forgery and tampering, with Google Cloud highlighting that working to resolve these threats now will help build a more resilient infrastructure and inspire other platforms to do the same.

Google Cloud has also revealed in the announcement that to help enforce transparency and code-auditability, the quantum-related software implementations will be available as part of Google’s open-source cryptographic libraries BoringCrypto and Tink.

This update to digital signatures specifically implements the ML-DSA-65 and SLH-DSA-SHA2-128S PQC algorithms in line with NIST standards. Google Cloud will also be implementing new PQC algorithms and techniques into its Hardware Security Modules (HSM).

Google Cloud customers will be able to use the latest PQC algorithms in Cloud KMS and provide feedback on their implementation, and suggestions on other specific cryptographic requirements. Essentially, the use of Cloud KMS’s latest algorithms acts as a testbed for building and expanding the availability of PQC across the Google Cloud platform.

You might also like

Benedict Collins
Benedict Collins
Staff Writer (Security)

Benedict has been writing about security issues for over 7 years, first focusing on geopolitics and international relations while at the University of Buckingham. During this time he studied BA Politics with Journalism, for which he received a second-class honours (upper division), then continuing his studies at a postgraduate level, achieving a distinction in MA Security, Intelligence and Diplomacy. Upon joining TechRadar Pro as a Staff Writer, Benedict transitioned his focus towards cybersecurity, exploring state-sponsored threat actors, malware, social engineering, and national security. Benedict is also an expert on B2B security products, including firewalls, antivirus, endpoint security, and password management.

You must confirm your public display name before commenting

Please logout and then login again, you will then be prompted to enter your display name.

More about security
Russian flag on a laptop

Major Russian IT service provider hit with cyberattack
Someone holding a passport with two boarding passes inside it

Top digital loan firm security slip-up puts data of 36 million users at risk
Amazon Kindle Paperwhite 2024 from the front

Attention, Kindle owners – today is your last chance to download backups of your ebooks
See more latest