BlackBerry says it will protect long-lived assets from quantum computing attacks

BlackBerry's new quantum-resistant code signing server is designed for assets like aerospace equipment or transportation infrastructure, which will still be in use when quantum computing attacks are expected to emerge.

BlackBerry on Thursday announced that it's adding a quantum-resistant code signing server to its cybersecurity portfolio. The server is aimed at customers with long-lived assets -- like aerospace equipment, connected cars, or transportation infrastructure -- that will still be in use in a few years from now, when quantum computing attacks are expected to emerge.

The server uses cryptographic libraries from ISARA Corporation, a security company that specializes in quantum-safe cryptography. It will allow software to be digitally signed using a scheme that will be hard to break with a quantum computer.

People have long known that quantum computing would eventually pose a serious cybersecurity threat to standard public key encryption. Now, experts are warning this threat could emerge within a little more than five years because of advances in quantum computer technologies.

"Anyone that wants to make sure that their data is protected for longer than 10 years should move to alternate forms of encryption now," Arvind Krishna, director of IBM Research, said earlier this year.

In a release, BlackBerry said that organizations should take steps to protect their long-lived assets now. The ubiquity of public key cryptography, the company argues, will make the migration to quantum-resistant systems a multi-year effort.

"By adding the quantum-resistant code signing server to our cybersecurity tools, we will be able to address a major security concern for industries that rely on assets that will be in use for a long time," BlackBerry CTO Charles Eagan said in a statement. "If your product, whether it's a car or critical piece of infrastructure, needs to be functional 10-15 years from now, you need to be concerned about quantum computing attacks."