CLEVELAND, April 22, 2025 -- Keyfactor, the industry leader in digital trust for modern enterprises, today announced upcoming and recent considerable post-quantum capabilities to Keyfactor Command, Keyfactor EJBCA, Bouncy Castle, and more, highlighting the company’s continued leadership and momentum in post-quantum cryptography (PQC).

The National Institute of Standards and Technology (NIST) recently published a recommended PQC timeline to deprecate traditional cryptographic algorithms by 2030 and disallow them entirely by 2035. To help businesses take actionable steps in their PQC transition and ensure crypto-agility, Keyfactor will introduce new features and updates to its industry-leading public key infrastructure (PKI) and cryptographic solutions, including:

• Keyfactor Command 25.1: Command will enable customers to inventory all PQC certificates, the critical first step in the PQC transition. Customers can also issue, enroll, and automate hybrid RSA/ML-DSA certificates, bringing full life cycle automation to PQC adoption.
• Keyfactor EJBCA 9.3: EJBCA, which already supports NIST-standardized PQC algorithms, will soon enable hardware security module (HSM) support for secure testing of PQC technologies and issuance of SLH-DSA algorithm and PQC certificates.
• Bouncy Castle 1.80 Java: As the cryptographic library that serves as the foundation for some of the world’s largest technology platforms, including Keyfactor’s solutions, Bouncy Castle continues to integrate new PQC algorithms as they are standardized, ensuring cryptographic agility.

“When it comes to PQC preparations, many business leaders must shift their focus from ‘when will Q-day arrive,’ to actually starting the transition process,” said Ted Shorter, CTO of Keyfactor. “While 2030 and 2035 seem far away, it will likely take 5 to ten years for businesses to transition. It’s important to note, we don’t need a perfect quantum computer to break current encryption methods and cryptographic standards. At Keyfactor, we will continue rolling out new features that support the migration to quantum-safe standards, every step of the way.”

Keyfactor is also working with leading technology and security partners to develop scalable, quantum-safe solutions for enterprises worldwide. This includes strategic partnerships with Thales, Utimaco, Quantinuum, Fortanix and others.

“The PQC transition cannot be achieved through one solution alone,” said Jordan Rackie, CEO of Keyfactor. “It will require key collaborations and a mindset shift for business leaders as quantum readiness becomes a new KPI for businesses in the near future. At Keyfactor, we are committed to being an important piece of the PQC puzzle, fueling businesses to reach the KPIs of the future and ensure a smooth PQC transition.”

In addition to the latest PQC updates, Keyfactor has introduced several impactful PQC features over the past few years, including:

• Keyfactor Command Risk Intelligence: The world’s first certificate risk management solution includes capabilities that help organizations map their cryptographic footprint and identify which certificates will need to transition first in their PQC journey.
• Keyfactor EJBCA: Among the many PQC updates rolled out recently, EJBCA 9.1 now supports issuing internal certificates using PQC-safe algorithms, including ML-DSA and hybrid RSA/ML-DSA. Use of PQC algorithms in internal PKI better equips organizations to protect sensitive data and assets against the threat of decryption, including the real and present steal-now-decrypt-later risk, protecting sensitive business information and customer data long-term.
• Keyfactor SignServer: The release of SignServer 7.1 includes support for both ML-DSA and SLH-DSA algorithms, the first completed standards from NIST’s PQC standardization project, fostering quantum-safe encrypted communications.
• Keyfactor PQC Lab: Keyfactor’s free SaaS-based PKI sandbox allows customers to quickly test quantum-ready certificates in a safe environment, helping them build a PQC-ready PKI.