Microsoft has taken a major step forward in its post-quantum cryptography (PQC) journey: SymCrypt-OpenSSL version 1.9.0 will enable PQC capabilities for Linux and Windows Insiders (Canary Channel Build 27852 and higher). Customers can now start investigating and testing PQC algorithms like ML-KEM algorithms and ML-DSA algorithm in their operational settings due to this change. Microsoft Offers Linux and Windows Insiders Quantum-Resistant Cryptography.
Modern cryptography methods face substantial hurdles as a result of the development of quantum computing. Microsoft hopes to assist organizations in proactively evaluating the performance, interoperability, and integration of these innovative algorithms with current security infrastructure by offering early access to PQC capabilities. As industry standards change, this pragmatic approach aids security teams in identifying possible obstacles, refining implementation plans, and easing the transition. Early adoption also provides important insights on preventing new risks and safeguarding private information against quantum dangers in the future.
Cryptography API Update: Next Generation (CNG)
The improvement of the Cryptography API: Next Generation (CNG) is a key component of this Windows version. The previous CryptoAPI is intended to be permanently replaced with CNG. It is designed to be both expandable and independent of cryptography. CNG is designed for programmers creating apps that let people produce and share data safely, especially across insecure channels like the Internet. Although it is not necessary, developers working with CNG should be conversant in C, C++, and the Windows programming environment. Knowledge of cryptography or security-related topics is also recommended.
The Cryptographic Provider Development Kit from Microsoft must be downloaded by developers who are building a CNG cryptographic algorithm provider or key storage provider. Windows Server 2008 and Windows Vista are the first to enable CNG. The most recent PQC improvements make use of cryptographic messaging features, CNG libraries, and certificates.
Windows’s New PQC Algorithms
Through CNG updates, Microsoft is introducing ML-KEM and ML-DSA, two important NIST-standardized algorithms, to Windows Insiders.
For situations that call for public key encapsulation or key exchange, developers can now test out ML-KEM (Module-Lattice-Based Key Encapsulation Mechanism). This is especially helpful when getting ready for the “harvest now, decrypt later” scenario, in which hackers may store encrypted data today with the goal of employing a quantum computer to decipher it tomorrow. During the transition, Microsoft recommends a hybrid strategy that combines ML-KEM with well-known algorithms like RSA or ECDH for defense in depth, ideally with NIST security level 3 or above when appropriate.
Also Read About Quantum Kernel Methods In Quantum ML For IoT Data Analytics
This update includes the following ML-KEM parameter sets:
| Algorithm | Public (encapsulation) key size | Ciphertext size | Shared secret size | NIST security level |
| ML-KEM 512 | 800 bytes | 768 bytes | 32 bytes | Level 1 |
| ML-KEM 768 | 1184 bytes | 1088 bytes | 32 bytes | Level 3 |
| ML-KEM 1024 | 1568 bytes | 1568 bytes | 32 bytes | Level 5 |
Developers can test PQC algorithms for situations requiring digital signatures to verify identity, integrity, or authenticity by including ML-DSA (Module-Lattice-Based Digital Signature Algorithm) into CNG. Additionally, Microsoft supports a hybrid strategy in this case, utilising ML-DSA algorithm in conjunction with pre-existing algorithms such as RSA or ECDSA throughout the transition.
According to preliminary investigation, the use of these new algorithms will be somewhat impacted by size and performance. In order to comprehend these impacts on their environment and applications, customers are urged to start their analysis early.
The ML-DSA algorithms parameter sets listed below are available:
| Algorithm | Public key size | Private key size | Signature size | NIST security level |
| ML-DSA-44 | 1312 bytes | 2560 bytes | 2420 bytes | Level 2 |
| ML-DSA-65 | 1952 bytes | 4032 bytes | 3309 bytes | Level 3 |
| ML-DSA-87 | 2592 bytes | 4896 bytes | 4627 bytes | Level 5 |
The Windows certificate API surface win crypt lets customers test installation, importing, and exporting ML-DSA certificates to and from the certificate store and CNG and post-quantum cryptography (PQC) updates. Verifying PQ certificate chains and trust status is also possible.
Features of PQC for Linux Users
Microsoft is providing PQC updates in the SymCrypt provider for OpenSSL 3 in recognition of the fact that many Linux users look forward to them. Linux programmers can utilize OpenSSL’s API surface, which is driven by SymCrypt cryptographic operations, due to this supplier.
According to the most recent IETF internet draft, users can test TLS hybrid key exchange using SymCrypt-OpenSSL version 1.9.0. This offers a chance to help get ready for “harvest now, decrypt later” threats early on. This feature makes it possible to thoroughly examine the effects of incorporating PQC algorithms in a hybrid mode on the length of handshake messages, TLS handshake delay, and overall connection efficiency. Understanding the practical trade-offs of implementing PQC requires such studies.
It is crucial to remember that the SymCrypt-OpenSSL implementation will be updated when standards change to guarantee compliance and interoperability, and that these modifications for Linux are based on draft specifications.
What’s Up Next
An essential initial step is the description of PQC’s integration with Linux and Windows Insiders.
There are plans for further features and improvements:
- Adding SLH-DSA to SymCrypt, CNG, and SymCrypt-OpenSSL is one of the upcoming projects.
- Adding more algorithms to ensure broad compatibility as PQC standards develop, improve security, and adhere to international legislation.
- Working with industry partners on X.509 standardizations related to the broad usage of ML-DSA algorithm, composite ML-DSA, SLH-DSA, ML-KEM, composite ML-KEM, and LMS/XMSS within the IETF’s LAMPS working group. Firmware and software signing are two examples of PKI use cases and signature techniques that will be pertinent to these endeavors.
- Using the Windows TLS stack (Schannel), we are actively working to introduce TLS hybrid key exchange to Windows users.
- Working with the IETF to develop and standardize quantum-safe authentication methods for TLS and other IETF protocols like SLH-DSA, Composite ML-DSA, and pure ML-DSA. As standards are established, the SymCrypt provider for OpenSSL, Windows TLS stack (Schannel), and Linux Rust Wrapper will provide them.
- Microsoft Active Directory Certificate Services actively supports PQC algorithms. Customers setting up a Certification Authority (CA) will be able to use a CA certificate based on PQC methods such as ML-DSA algorithm to this. Customers can enroll in PQC end-entity certificates, and PQC algorithms will sign CA-issued CRLs. All pertinent ADCS role services will be supported.
- Adding support for PQC certificates to Microsoft Intune’s Certificate Connector, which will allow endpoints and mobile devices to sign up and acquire quantum-safe credentials. This will allow on-premises CAs using ADCS to unblock SCEP & PKCS #12 scenarios.
TLS 1.3 is a crucial requirement for PQC. If they haven’t already, Microsoft highly encourages users to begin moving away from outdated TLS protocols.
To give users early access to test features in real-world settings, these new features will be made available through Windows Insiders and development channels. By doing this, Microsoft is able to get input on usability, security, and compatibility, allowing for incremental changes prior to general release. After standards are finalized, Microsoft is still dedicated to a flexible and adaptable deployment approach that will deliver reliable and compatible solutions to supported platforms. Working together with standards organizations and industry partners will help guarantee that features meet the demands of the global regulatory framework and the needs of the larger ecosystem.
Also Read About What is Quantum Algorithms and How it works
Obstacles and Prospects for the Future
Since PQC algorithms are still in their infancy, they should be considered a developing discipline. This emphasizes how crucial “Crypto Agility” is in creating solutions that are adaptable to employing various algorithms or that can be upgraded to new ones when standards change.
Microsoft promotes employing a hybrid PQ style of operation to deploy PQC solutions and developing crypto-agile solutions. These hybrid modes, such composite certificates or TLS hybrid key exchange, combine a PQ algorithm with a more conventional one, like RSA or ECDHE. It is expected that as algorithms and standards advance, pure PQ implementations will become more prevalent.
Even if integration represents a significant turning point, there are still issues with PQC algorithms’ performance, compatibility with current systems, and gaining broad acceptance.
Performance considerations: Compared to traditional algorithms, PQC algorithms frequently demand higher processing power. One of the main challenges is to implement it efficiently without having a major effect on system performance. Techniques for hardware acceleration and ongoing optimization are crucial. Keccak is used in many PQ algorithms, and for effective PQC cryptography, its performance must be improved, particularly with hardware acceleration.
Larger key encapsulation techniques and digital signatures, especially in hybrid mode, may increase round-trip time when utilized in TLS. Although signatures cannot be compressed, IETF drafts are investigating methods like certificate compression and TLS key sharing prediction. It is advised to evaluate these effects on applications and surroundings.
Adoption and Compatibility: Upgrading and replacing the current cryptographic infrastructure is necessary to make the switch to PQC. Coordination between developers, hardware producers, and service providers is necessary to guarantee compatibility with legacy systems and achieve broad acceptance. Adoption will be aided by government-mandated compliance deadlines as well as education and awareness initiatives.
In conclusion
An important step towards getting ready for the quantum future is the integration of PQC capabilities into Linux and Windows Insiders. Microsoft is contributing to the development of a digital future that harnesses the advantages of quantum computing while reducing security threats by proactively resolving the security issues with existing cryptography standards. Adoption of PQC will be essential for protecting data, communications, and digital infrastructure as quantum computing develops. Building more robust systems requires cooperation, and security is a shared responsibility.
