Public Key Infrastructure Consortium (PKI Consortium)

Trusted digital assets and communication for everyone and everything

The slides and recordings from the Post-Quantum Cryptography Conference in Austin are now available. Click on a session title in the agenda to download the slides, you can also check our YouTube channel with all the recordings.

PKI Maturity Model (PKIMM)

To build a PKI maturity model that will be recognized around the globe as a standard for evaluation, planning, and comparison between different PKI implementations.

PKI Maturity Model Assessment Tools Blog Posts about the model

PKIMM Working Group Charter

Post-Quantum Cryptography (PQC)

Facilitate information exchange, encouraging discussions and sharing insights on various aspects of Post-Quantum Cryptography.

PQC Capabilities Matrix (PQCCM) Last PQC Conference Blog Posts about PQC

PQC Working Group Charter

Training and Certification (TC)

Developing professional standards and certification programs for PKI professionals.

TC Working Group Charter

Other Resources

Remote Key Attestation List of Trust Lists Our work on GitHub Join the PKI Consortium (free)

PKI Consortium

The PKI Consortium is comprised of leading organizations that are committed to improve, create and collaborate on generic, industry or use-case specific policies, procedures, best practices, standards and tools that advance trust in assets and communication for everyone and everything using Public Key Infrastructure (PKI) as well as the security of the internet in general. By engaging with users, regulators, supervisory bodies and other interested or relying parties the consortium can address actual issues. learn more…

Public Key Infrastructure

Public Key Infrastructure (PKI) defines the foundation for most modern security systems and provides Confidentiality, Integrity, Authenticity and Non-repudiation. It relies on public key cryptography, a universally accepted asymmetric technology that enables entities to securely communicate using an insecure transport or media, reliably link the data to the signatory and protects the integrity of the data while proving guarantees about the existence of the data at the time of signature creation.

Key Takeaways of the PQC Conference in Austin
January 30, 2025 by Paul van Brouwershaven (Entrust) Austin Conference Post-Quantum Cryptography PQC Texas
Over two days of intensive programming, experts delivered compelling presentations and engaged in insightful panel discussions, both in plenary sessions and concurrent breakout tracks. This year, the focus shifted decisively from theoretical exploration to concrete, actionable steps for implementing quantum-safe cryptography. The key takeaway was clear: delay poses the greatest risk, and immediate action is essential to achieve quantum resilience.

Third Post-Quantum Cryptography Conference: Join us in Austin, Texas!
October 22, 2024 by Paul van Brouwershaven (Entrust) Austin Conference Post-Quantum Cryptography PQC Texas
Join us on January 15 and 16, 2025, at the Thompson Conference Center, University of Texas, Austin for the third Post-Quantum Cryptography Conference. Explore the future of cryptography with industry leaders, technical experts, and decision-makers from across the globe.

On the Drawbacks of Post-Quantum Cryptography in TLS
September 27, 2024 by Dimitris Zacharopoulos (HARICA) Post-Quantum Cryptography PQC TLS
Ongoing efforts to deploy PQ/hybrid KEMs as drop-in replacements for current mechanisms are well-tested and crucial for protecting information and identity in the near future. On the other hand, PQ signatures remain an unsolved problem - at least in terms of being drop-in replacements for ECC/RSA.

WISeKey Releases 2024 Audited Financial Results and Outlines its 2025 Vision for Post Quantum Technology Convergence

WISeKey Releases 2024 Audited Financial Results and Outlines its 2025 Vision for Post Quantum Technology Convergence Schedules Conference Call and Webcast for Tuesday, April 22 at 10:00 am ET (4:00 pm CET) Geneva, Switzerland – April 17, 2025 – Ad-Hoc announcement pursuant to Art. 53 of SIX Listing Rules – WISeKey International Holding Ltd (NASDAQ: […] Published on Thursday April 17, 2025 at www.wisekey.com

OpenSSL Signing with EC’s PKCS#11 Wrapper

Introduction When it comes to securing digital communications or verifying the integrity of data, OpenSSL is one of the go-to tools for developers and security professionals. Whether you’re signing files, creating certificates, or verifying digital signatures, OpenSSL provides a flexible and powerful command-line interface to handle cryptographic operations. But there’s a catch—by default, OpenSSL works […] Published on Thursday April 17, 2025 at www.encryptionconsulting.com

Microsoft’s Secure by Design journey: One year of success

Read about the initiatives Microsoft has undertaken over the past 18 months to support secure by design, secure by default, and secure in operations objectives as part of our SFI Initiative. The post Microsoft’s Secure by Design journey: One year of success appeared first on Microsoft Security Blog. Published on Thursday April 17, 2025 at www.microsoft.com

WISeKey, SEALSQ, OISTE Foundation, and the United Nations Alliance of Civilizations Unite to Launch HUMAN-AI-T, a Global Initiative to Embed Humanity into Artificial Intelligence UNAOC AI for #OneHumanity: Human-Centered Artificial Intell

WISeKey, SEALSQ, OISTE Foundation, and the United Nations Alliance of Civilizations Unite to Launch HUMAN-AI-T, a Global Initiative to Embed Humanity into Artificial Intelligence UNAOC AI for #OneHumanity: Human-Centered Artificial Intelligence Geneva, Switzerland, April 17, 2025 –WISeKey International Holding Ltd (“WISeKey”) (SIX: WIHN, NASDAQ: WKEY), a leading global cybersecurity, blockchain, and IoT company, its subsidiary […] Published on Thursday April 17, 2025 at www.wisekey.com

Wie Sie das Zertifikats-Chaos meistern

The post Wie Sie das Zertifikats-Chaos meistern appeared first on essendi it. Published on Wednesday April 16, 2025 at www.essendi.de

Kyber: mathematical foundations and quantum-resistant security

Published on Wednesday April 16, 2025 at ankatech.co

Cyber Signals Issue 9 | AI-powered deception: Emerging fraud threats and countermeasures

Microsoft maintains a continuous effort to protect its platforms and customers from fraud and abuse. This edition of Cyber Signals takes you inside the work underway and important milestones achieved that protect customers. The post Cyber Signals Issue 9 | AI-powered deception: Emerging fraud threats and countermeasures appeared first on Microsoft Security Blog. Published on Wednesday April 16, 2025 at www.microsoft.com

Why is CertSecure Manager the Ultimate Choice for ACME Protocol Automation?

Scalability and automation are critical for modern enterprises, especially in certificate management. With cyber threats evolving and computational advancements highlighting the need to secure digital assets, certificate management has become a cornerstone of cybersecurity strategy. The shift toward shorter certificate validity periods, such as Google’s proposal for 90-day certificates, exposes the inefficiencies of manual processes. […] Published on Tuesday April 15, 2025 at www.encryptionconsulting.com

Threat actors misuse Node.js to deliver malware and other malicious payloads

Since October 2024, Microsoft Defender Experts has observed and helped multiple customers address campaigns leveraging Node.js to deliver malware and other payloads that ultimately lead to information theft and data exfiltration. The post Threat actors misuse Node.js to deliver malware and other malicious payloads appeared first on Microsoft Security Blog. Published on Tuesday April 15, 2025 at www.microsoft.com

Most Common SSL/TLS Attacks and How CLM Helps Mitigate Them

SSL/TLS are encryption protocols that authenticate and protect communication between any two entities, such as clients, servers, or interconnected systems over the internet. SSL stands for Secure Socket Layer and is the predecessor of TLS, i.e., Transport Layer Security, although the terminologies are used interchangeably today. Any mention of SSL/TLS or just SSL usually translates […] Published on Tuesday April 15, 2025 at www.encryptionconsulting.com

Transforming security with Microsoft Security Exposure Management initiatives

Microsoft Secure Score is important, but the increasing sophistication of security requirements has driven the development of more comprehensive security initiatives using Microsoft Security Exposure Management. The post Transforming security with Microsoft Security Exposure Management initiatives appeared first on Microsoft Security Blog. Published on Tuesday April 15, 2025 at www.microsoft.com

NIST Expands Post-Quantum Protection with New Backup Algorithm HQC

The U.S. National Institute of Standards and Technology (NIST) has taken another decisive step in preparing for the post-quantum era. In a move that reinforces the future of encryption, NIST has selected a fifth algorithm, called HQC, to serve as a backup for post-quantum encryption. This new standard adds an essential layer of security to… The post NIST Expands Post-Quantum Protection with New Backup Algorithm HQC appeared first on Decent Cybersecurity. Published on Tuesday April 15, 2025 at decentcybersecurity.eu

Payer Workgroup Publishes Payer-to-Payer FHIR® API Compliance Readiness Checklist Ahead of CMS Deadline

By Payers, For Payers: New Resource Helps Payers Achieve CMS-0057-F Compliance (Vienna, VA – April 15, 2025) – The Sequoia Project, a leading non-profit focused on advancing healthcare interoperability, is […] The post Payer Workgroup Publishes Payer-to-Payer FHIR® API Compliance Readiness Checklist Ahead of CMS Deadline appeared first on The Sequoia Project. Published on Tuesday April 15, 2025 at sequoiaproject.org

Explore how to secure AI by attending our Learn Live Series

Register to attend one or all our Learn Live sessions to learn how to secure your environment for AI adoption. The post Explore how to secure AI by attending our Learn Live Series appeared first on Microsoft Security Blog. Published on Monday April 14, 2025 at techcommunity.microsoft.com

Quantum computing and key breaking: Evidence and implications

Published on Monday April 14, 2025 at ankatech.co

Quantum Computing Advancements Highlight the Critical Need for Post-Quantum Security Solutions

Recent developments in the quantum computing space have underscored the growing importance of post-quantum cryptography (PQC) solutions. Last week, Quantinuum, a global leader in quantum computing, announced its collaboration with NVIDIA as a founding partner for the NVIDIA Accelerated Quantum Research Center (NVAQC). This partnership will leverage Quantinuum’s System H2, currently the world’s most powerful […] Published on Friday April 11, 2025 at blog.01com.com

US Air Force Continues Quantum Push With Ki3 Photonics And Quantum Bridge Technologies

U.S Air Force continues quantum push with Ki3 Photonics, Quantum Bridge Technologies By Dan O’Shea, Updated March 14, 2022. Quantum technology has many military applications, from quantum sensing and radar to quantum-secure communications and more. The U.S. Air Force (USAF) has been among the most aggressive military branches in pursuing new quantum developments, and its […] The post US Air Force Continues Quantum Push With Ki3 Photonics And Quantum Bridge Technologies appeared first on Quantum Bridge. Published on Friday April 11, 2025 at qubridge.io

Standardization of post-quantum cryptographic algorithms by NIST

Published on Friday April 11, 2025 at ankatech.co

SEALCOIN Demonstrates Satellite-Enabled IoT Transactions Using WISeSat LEO Constellation

SEALCOIN Demonstrates Satellite-Enabled IoT Transactions Using WISeSat LEO Constellation Pushing the Frontiers of IoT with Secure, Decentralized Microtransactions Beyond Terrestrial Limits Geneva, Switzerland, April 11, 2025 –WISeKey International Holding Ltd (“WISeKey”) (SIX: WIHN, NASDAQ: WKEY), a leading global cybersecurity, blockchain, and IoT company, today announced that its subsidiary SEALCOIN AG, unveiled a groundbreaking Proof of […] Published on Friday April 11, 2025 at www.wisekey.com

The ultimate guide to Microsoft Security at RSAC 2025

For RSAC 2025, Microsoft Security is bringing an exciting lineup of sessions, expert panels, and exclusive networking opportunities to empower security professionals in the era of AI. The post The ultimate guide to Microsoft Security at RSAC 2025 appeared first on Microsoft Security Blog. Published on Thursday April 10, 2025 at techcommunity.microsoft.com

Validating Kyber’s quantum security on classical systems

Published on Wednesday April 9, 2025 at ankatech.co

Stopping attacks against on-premises Exchange Server and SharePoint Server with AMSI

Exchange Server and SharePoint Server are business-critical assets and considered crown-jewels for many organizations, making them attractive targets for attacks. To help customers protect their environments and respond to these attacks, Exchange Server and SharePoint Server integrated Windows Antimalware Scan Interface (AMSI), providing an essential layer of protection by preventing harmful web requests from reaching backend endpoints. The blog outlines several attacks prevented by AMSI integration and highlights recent enhancements. The blog also provides protection and mitigation guidance and how defenders can respond. The post Stopping attacks against on-premises Exchange Server and SharePoint Server with AMSI appeared first on Microsoft Security Blog. Published on Wednesday April 9, 2025 at www.microsoft.com

How cyberattackers exploit domain controllers using ransomware

Read how cyberattackers exploit domain controllers to gain privileged system access where they deploy ransomware that causes widespread damage and operational disruption. The post How cyberattackers exploit domain controllers using ransomware appeared first on Microsoft Security Blog. Published on Wednesday April 9, 2025 at www.microsoft.com

GPG2, Debian, and RPM Signing with PKCS#11 Library on Ubuntu

Imagine downloading an app and feeling good about it because it has a digital seal of approval from a trustworthy developer. This seal means that the software is legitimate and hasn’t been altered by anyone with bad intentions. For developers, it’s a great way to build trust and show they take security seriously. For users, […] Published on Wednesday April 9, 2025 at www.encryptionconsulting.com

Exploitation of CLFS zero-day leads to ransomware activity

Microsoft Threat Intelligence Center (MSTIC) and Microsoft Security Response Center (MSRC) have discovered post-compromise exploitation of a newly discovered zero-day vulnerability in the Windows Common Log File System (CLFS) against a small number of targets. Microsoft released security updates to address the vulnerability, tracked as CVE 2025-29824, on April 8, 2025. The post Exploitation of CLFS zero-day leads to ransomware activity appeared first on Microsoft Security Blog. Published on Tuesday April 8, 2025 at www.microsoft.com