SecureAge Technology is pleased to announce full Post-Quantum Cryptography (PQC) readiness across our data-protection portfolio. Our latest release implements the NIST-standard algorithms for post-quantum security—ML-DSA 44/65/87 for digital signatures and ML-KEM 512/768/1024 for key establishment and data encryption—enabling customers to begin a confident, phased transition to quantum-resilient protection.
Scope of the Release
- Product coverage: PQC capabilities are now available in SecureData, SecureEmail, SecureFile and SecureAge Central.
- End-to-end enablement: PQC is supported throughout the cryptographic chain, including:
- User certificates (identity and signing)
- Peer certificates (device and service trust)
- TLS handshakes between SecureAge clients and SecureAge Central server
What Is Post-Quantum Cryptography—and Why It Matters?
Post-Quantum Cryptography (PQC) refers to cryptographic algorithms designed to resist attacks from large-scale quantum computers. Today’s widely used public-key methods—RSA and elliptic-curve cryptography (ECC)—are considered vulnerable to future quantum attacks:
- Harvest-now, decrypt-later risk: Adversaries can capture encrypted data today and store it until quantum capabilities mature. Long-lived data—personally identifiable information (PII), health and financial records, intellectual property, legal and government documents—will still require confidentiality years from now.
- Regulatory expectations: Many regulatory and industry frameworks now expect organizations to assess quantum risk, demonstrate crypto agility, and maintain a transition plan.
- Operational continuity: The safest path is to adopt hybrid cryptography (classical + PQC) during a transition period, maintaining interoperability while building quantum resilience.
What Organisations Should Do Now?
- Inventory cryptography and data flows. Identify where RSA/ECC is used: endpoints, servers, email, file sharing, backups, TLS, S/MIME, code signing, VPNs, and HSM/KMS integrations.
- Prioritise long-life and high-value data. Anything requiring confidentiality for more than five years should move first.
- Adopt crypto-agile platforms. Ensure systems can rotate algorithms, keys, and certificates without redesigning workflows.
- Plan a hybrid rollout. Use combined classical + PQC mechanisms (e.g., hybrid TLS, dual-algorithm certificates) to maintain compatibility.
- Update key management policies. Incorporate PQC algorithms into Certificate Authority (CA) profiles, define rotation schedules, and document issuance and revocation procedures.
- Pilot, measure, and scale. Start with a controlled group, validate performance and interoperability, then expand by business unit or data class.
- Educate and attest. Train operations and audit teams and record decisions and controls to demonstrate compliance.
How SecureAge Can Help?
SecureData – Persistent File-Level Encryption (PQC-ready)
Encrypts data at the file level so protection follows the file—on endpoints, shared folders, email and cloud storage—across Windows, macOS, and Linux. Supports offline access and fine-grained policy controls.
Use cases: Source code and R&D assets, finance/HR records, cross-border data movement.
Compliance alignment: Encryption at-rest, in-transit and in-use, access control and audit support for frameworks such as ISO/IEC 27001, SOC 2, PCI DSS, HIPAA, GDPR, and MAS TRM.
SecureEmail — Client-Side Encryption and Signing (PQC-Ready)
One-click digital email signing and encryption in Microsoft Outlook client
Use cases: Legal communications, executive correspondence, regulated data exchange with partners.
Compliance alignment: Secure transmission, message integrity, and non-repudiation with policy and audit support.
SecureFile — Controlled Sharing with Revocation (PQC-Ready)
Encrypt, sign and set expiration on file before sharing. External recipients follow a guided, access-controlled access path.
Use cases: Vendor collaboration, auditor packages, M&A document rooms.
Compliance alignment: Least privilege, data minimisation, provable access governance.
SecureAge Central – Centralise, Automate, Audit
A single console to update SecureAge client, target policies via Active Directory groups, generate and maintain user certificate lifecycle and maintain tamper-evident event logs for audit and forensics.
Use cases: Streamlined rollout, consistent policy application, and demonstrable controls for risk and compliance teams.
Next Steps
SecureAge delivers quantum-resilient, end-to-end encryption—practical to deploy, measurable to audit, and ready for the decade ahead. See them in action today!