Key trends for 2025 Part I: Postquantum Cryptography

It’s that time of year again where we reflect on what happened within our industry in 2024 and look ahead at what’s to come in 2025. Educated predictions allow us to put our best foot forward on forecasting the industry’s anticipated needs and help organizations effectively plan for the future. As we look ahead to 2025, the digital certificate and Private Key Infrastructure (PKI) space is set to undergo significant shift. Some of the major transformations we’ll see in 2025 will be driven by postquantum cryptography (PQC).

Let’s look at three key trends under this umbrella:

Announcements of postquantum cryptographic abilities

In 2025, we will see a surge of official announcements from forward-thinking vendors about their postquantum cryptographic (PQC) capabilities. It's important to note that these announcements will not indicate the immediate availability of PQC solutions, rather a commitment to transitioning towards PQC standards by 2026. With organizations like NIST finalizing PQC deadlines, vendors will need to demonstrate their readiness to implement these standards and assist customers in transitioning smoothly. These announcements will serve multiple strategic purposes, including:

• Staying ahead of the cybersecurity curve: Demonstrating a proactive approach to emerging threats.
• Building customer confidence: Reassuring customers of their commitment to security.
• Regulatory alignment: Ensuring compliance with any upcoming regulations.
• Marketing and differentiation: Showcasing leadership in the market.

The rise of quantum-safe Hardware Security Modules (HSMs)

Quantum-safe Hardware Security Modules (HSMs) will become a standard off-the-shelf product purchased by forward thinking enterprises by the end of 2025. HSMs are crucial for maintaining the security and integrity of cryptographic keys and sensitive data. While current HSMs excel in handling classic cryptographic operations, they must evolve to meet the demands of postquantum algorithms. Organizations currently using HSMs will need to upgrade to PQC-capable models to address emerging threats. Additionally, organizations with a private Certificate Authority must use this upgrade cycle to enhance the protection of their root CA private keys by storing them in HSMs.

With NIST’s firm timelines to transition away from RSA and ECC algorithms, the urgency of preparing for the postquantum era begins now.

Standardized postquantum cryptographic algorithms in private PKI instances

Before the end of 2025, organizations will have access to standardized postquantum cryptographic algorithms in private PKI instances. This development will enable organizations to explore PQC capabilities and better understand and leverage new algorithms. Additionally, organizations will be able to test systems for forward compatibility, ensuring their systems are ready for the quantum era. Lastly, this will enable organizations to devise action plans to protect against "Harvest and Decrypt" attacks to safeguard sensitive data from future quantum threats.

As we prepare for the quantum era, it's crucial for organizations to stay ahead of these trends and proactively address the challenges and opportunities that lie ahead. By embracing these advancements, organizations can ensure their systems are in a good space to be resilient against quantum attacks, safeguarding sensitive data and maintaining trust in an increasingly digital world. The journey towards a postquantum era is just beginning, and proactive adaptation will be key to navigating this new frontier. The time to act is now, ensuring that your infrastructure is ready for the quantum leap. Stay tuned for more updates and insights as we navigate this exciting transition together.

Related posts:

What is the purpose of post-quantum cryptography?

The current state of quantum cryptography & why readiness is key

Embracing quantum readiness