SecurityWeek

Microsoft Adds Support for Post-Quantum Algorithms in SymCrypt Library

Microsoft has started introducing support for post-quantum algorithms in SymCrypt, its main cryptographic library.

In preparation for the quantum computing era, Microsoft has started adding post-quantum cryptography (PQC) algorithms to SymCrypt, its open source core cryptographic library.

Expected to help solve complex problems in various fields, quantum computers are also poised to break the commonly used asymmetric algorithms behind today’s encryption and security, which are not resilient to quantum attacks.

PQC algorithms, on the other hand, are far more resistant, as they are based on mathematical problems that are difficult for both classical and quantum computers, and are seen as the solution for future cryptography.

However, these algorithms arrive with trade-offs, such as requirements for “larger key sizes, longer computation times, and more bandwidth than classical algorithms. Therefore, implementing PQC in real-world applications requires careful optimization and integration with existing systems and standards,” Microsoft explains.

As a key participant in post-quantum computing initiatives, Microsoft has established the Quantum Safe Program (QSP), which aims to achieve quantum readiness by integrating PQC algorithms into Microsoft products and services, and to support quantum-safe transitions.

As part of these efforts, last week the tech giant released an update for SymCrypt, which is the main cryptographic library in Azure and Windows products, and in Microsoft 365, to include support for the ML-KEM (FIPS 203, formerly Kyber) and XMSS (eXtended Merkle Signature Scheme) algorithms.

In the coming months, Microsoft will add support for additional PQC algorithms to the library, including ML-DSA (FIPS 204, formerly Dilithium), SLH-DSA (FIPS 205, formerly SPHINCS+), and LMS (the Leighton-Micali Signature Scheme).

“PQC algorithms […] have been fine-tuned for efficiency in speed and size and have gone through rigorous tests for security and robustness. Efforts are ongoing within multiple industry standards organizations to ensure these algorithms are adopted into and compatible with existing standards and protocols, and that they can operate in hybrid mode alongside classical algorithms,” Microsoft explains.

The tech giant also notes that this initial generation of PQC algorithms should be viewed as an evolving, not the definitive, solution for cryptography, but adds that support for these algorithms in the underlying crypto engine is a first step towards a quantum-safe world.

“SymCrypt offers a consistent interface for encryption, decryption, signing, verification, hashing, and key exchange using both symmetric and asymmetric algorithms. It is built to be fast, secure, and portable across multiple platforms and architectures,” and Microsoft uses it “to provide cryptographic security for scenarios such as email security, cloud storage, web browsing, remote access, and device management.”

Written By

Ionut Arghire is an international correspondent for SecurityWeek.
