Google announced on Thursday the development of safe digital firms (FIPS 204/FIPS 205) in Google Cloud Key Management Service (Cloud KMS) for software -based keys. This is available in the preview.
The search giant also provided a high -level view in its strategy posed to the Google cloud encryption products, including cloud KMS and the cloud hardware safety module (Cloud HSM ).
Concern assembly for public key cryptography systems
This is significant, said the company, because the safety of many of the most used public -key cryptography systems in the world has become more and more concern as experimental quantum computing continues to progress. Large and cryptographically relevant quantum computers have the potential to break these algorithms.
However, the subsequent qantum cryptography (PQC) can use existing hardware and software to mitigate these risks. The new PQC standards of the National Institute of Standards and Technology (NIST) were available in August 2024, allowing technology suppliers around the world to begin PQC migrations.
“In Google, we seriously take the computing risks after quanto,” wrote Jennifer Fernick, a senior personnel security engineer, and Andrew Foster, engineering manager of Cloud Kms, in a Jogle Cloud blog post. “We started trying PQC in Chrome in 2016, we have been using PQC to protect internal communications since 2022, and we have taken additional protection measures that compute quantum in Google Chrome, Google data centers servers, and in experiments for Connections between Chrome Desk and Google products (such as Gmail and console in the cloud) “.
The Google approach for quantum clouds kms
Detailed Google steps The company is taking to make Google Cloud Kms Quantum Safe, which include:
- Offering software and hardware support for standardized quantum safety algorithms.
- Migration routes support for keys, protocols and workloads of existing clients to adopt PQC.
- To the underlying central infrastructure of Google of Google.
- Analyze the safety and performance of algorithms and PQC implementations.
- Contributing technical comments to PQC defense efforts in organizations for standards and government organizations.
Averaged open source availability
Google Cloud KMS PQC Route Map admits Nist cryptography standards after quantium (FIPS 203, FIPS 204, FIPS 205 and future standards), which can help customers perform import and import operations of safe keys to safe keys Security, encryption and deciphered, and digital and digital signatures creation, according to the company.
Software implementations of these standards will be available for KMS customers in the cloud as open source software and maintained as part of the open source cryptographic libraries authorized by Google, BoringCrypto and Tink, Fernick and Foster wrote.
Safe quantum digital firms are now available in the KMS cloud, so customers can use Google's existing API to sign the data cryptographically and validate firms using the safe cryptography of the NIST with standardized with pairs stored in KMS In the cloud.
“This unlocks the essential work of testing and integrating these signature schemes into existing workflows before the broader adoption,” Fernick and Foster explained. “It can also help to ensure that recently generated digital firms are resistant to attacks by future adversaries that may have access to cryptographically relevant quantum computers.”
