Google Cloud has announced quantum-safe digital signatures in Google Cloud Key Management Service (Cloud KMS) for software-based keys as a way to bulletproof encryption systems against the threat posed by cryptographically-relevant quantum computers.
The feature, currently in preview, coexists with the National Institute of Standards and Technology’s (NIST) post-quantum cryptography (PQC) standards, the final versions of which were formalized in August 2024.
“Our Cloud KMS PQC roadmap includes support for the NIST post-quantum cryptography standards (FIPS 203, FIPS 204, FIPS 205, and future standards), in both software (Cloud KMS) and hardware (Cloud HSM),” the company’s cloud division noted.
“This can help customers perform quantum-safe key import and key exchange, encryption and decryption operations, and digital signature creation.”
The tech giant said its underlying software implementations of these standards – FIPS 203 (aka ML-KEM), FIPS 204 (aka CRYSTALS-Dilithium or ML-DSA), and FIPS 205 (aka Sphincs+ or SLH-DSA) – would be available as open-source software.
Furthermore, it’s working with Hardware Security Module (HSM) vendors and Google Cloud External Key Manager (EKM) partners to enable quantum-safe cryptography across the platform.
By adopting PQC early on, the idea is to secure systems against a threat called Harvest Now, Decrypt Later (HNDL) that involves threat actors harvesting encrypted sensitive data today with the goal of decrypting them at some point in the future when a quantum computer powerful enough to break existing key exchange protocols and algorithms become a reality.
“While that future may be years away, those deploying long-lived roots-of-trust or signing firmware for devices managing critical infrastructure should consider mitigation options against this threat vector now,” Google Cloud’s Jennifer Fernick and Andrew Foster said.
“The sooner we’re able to secure these signatures, the more resilient the digital world’s foundation of trust becomes.”
Quantum-safe digital signatures in Cloud KMS is available in preview for both ML-DSA-65 (FIPS 204) and SLH-DSA-SHA2-128S (FIPS 205), with API support for hybridization schemes planned for future rollout if the cryptographic community arrives at a broader consensus.
