Castle Shield Holdings, LLC Adds Post-Quantum Cryptography (PQC) to Its Data-in-Motion VPN Solution
(Yahoo.Finance) Castle Shield Holdings, LLC., has successfully integrated post-quantum cryptography (PQC) into its Aeolus VPN enterprise data-in-motion solution. Aeolus VPN now offers point-to-point asymmetric PQC and symmetric encryption for UDP and TCP on Windows, Linux and macOS platforms. Aeolus VPN offers a streamlined approach to privacy which results in more stability and lower latency that is a perfect addition to enterprise data-in-motion security for both classic and post-quantum computing environments.
In April, Castle Shield released Aeolus VPN which protects data between two or more network points. Please refer to our press release dated April 19, 2021, for additional product specification.
PQC refers to a set of classical cryptographic asymmetric algorithms that are believed to be “quantum-safe,” meaning that they are expected to remain safe even in the presence of quantum computers. The National Institute of Standards and Technology (NIST) has narrowed down the original 69 submissions to 7 finalists and 8 alternate candidates. Castle Shield has integrated two of the NIST Round 3 finalists PQC asymmetric encryption.
Many applications today are protected by asymmetric encryption key exchange protocols known as “public key cryptography” or PKC. Examples include RSA, RSA-EC, DSA, DH, and ECDH. These protocols rely on the assumption that it would take today’s most powerful classical computers thousands of years to solve certain mathematical problems (e.g., factoring large numbers or computing a discrete logarithm).
Quantum computers are expected to break these cryptographic schemes in short order. If quantum computers were widely available today, most, if not all digital communications using PKCs would potentially be compromised. While the date that quantum computers will be available is uncertain, it is important for companies, organizations, government entities, and individuals to start preparing for the impending quantum computing revolution.
Castle Shield is taking a lead posture by packaging and productizing two of the PQC candidates and integrating them into off-the-shelf products. This demonstrates that Castle Shield has the capability to package and productize PQC algorithms. Given our encryption agnostic approach, Castle Shield will focus on the two leading candidates in each category and will update our use of the PQC’s as they evolve.
Specifically, the current PQC algorithms fall under two categories: Key Encapsulation Mechanism (KEM) and Digital Signature Algorithm (DS).
“While many corporations and government agencies are focused on the asymmetric key exchange when preparing for the quantum era, Castle Shield has adopted a holistic cryptographic approach by including quantum-resistant encryption algorithms for both asymmetric and symmetric ciphers. It is true that symmetric ciphers, like the Advanced Encryption Standard (AES), are thought to be less vulnerable in the early part of the quantum era; however, Castle Shield has decided to offer solutions with both asymmetric (PQC) and symmetric encryption that are mathematically quantum-resistant. Customers can choose to enable both types of encryptions based on their specific needs. Castle Shield is currently the only cybersecurity solutions provider to offer quantum-resistant algorithms for both. In a world where data breaches, ransomware, and other cyberattacks are occurring daily, protecting our customer’s most valued asset, their data, should not be left to chance,” said Dr. Milton Mattox, Chief Technology Officer at Castle Shield, Holdings, LLC.