Post-quantum cryptography support in TrustCore SDK
DigiCert® TrustCore SDK helps developers build secure, compliant, and quantum-resilient IoT and embedded systems. As quantum computing advances, TrustCore provides cryptographic agility with post-quantum cryptography (PQC) algorithms and protocols aligned with emerging standards.
Supported PQC algorithms
TrustCore SDK natively supports the following quantum-safe algorithms:
ML-KEM: A lattice-based key encapsulation mechanism for secure key exchange in post-quantum environments
ML-DSA: A digital signature algorithm that provides strong authentication and integrity protection against quantum-level attacks
SLH-DSA: A stateless, hash-based signature algorithm suited for constrained environments that require long-term security
The NanoCrypto module implements these algorithms with lightweight cryptography optimized for embedded systems.
TLS 1.3 with PQC support
The NanoSSL module supports TLS 1.3 and provides secure communication with forward secrecy and reduced handshake latency.
When combined with ML-KEM or ML-DSA, TLS 1.3 sessions are hardened against quantum threats, preserving confidentiality and integrity against future cryptanalysis advances.
Modular architecture for seamless integration
TrustCore’s modular design lets developers add PQC capabilities selectively:
NanoCrypto: Core cryptographic engine with PQC algorithm support
NanoSSL: TLS 1.3 stack with certificate management and PQC-ready handshake options
NanoTAP and NanoSMP: Provide simplified integration with TPMs and HSMs for secure key storage and hardware acceleration
Compliance and interoperability
TrustCore SDK is built with compliance in mind:
Supports FIPS 140-2 and 140-3 Level 1 certification options.
Works with more than 70 chipsets and 30 operating systems.
Provides OpenSSL compatibility through the OpenSSL Connector to simplify migration to PQC-ready stacks.