.jpg)
Entrust announced on September 10, 2025, that its nShield Hardware Security Modules (HSMs) have achieved validation for three NIST-standardized post-quantum cryptography (PQC) algorithms—ML-DSA, ML-KEM, and SLH-DSA—through NIST’s Cryptographic Algorithm Validation Program (CAVP). This milestone, supported by the latest firmware (v13.8.0) released August 22, 2025, positions Entrust as a leader in quantum-safe security.
NIST Validation: Entrust nShield HSMs validated for ML-DSA, ML-KEM, and SLH-DSA algorithms.
Firmware Update: Version 13.8.0, released August 22, 2025, supports PQC natively.
FIPS Certification: Submitted for FIPS 140-3 Level 3 validation via CMVP.
Purpose: Protects cryptographic keys against quantum computing threats.
Market Context: Addresses urgent need for quantum-safe security as per NIST standards.
Applications: Used by OpenSSL Corporation for secure code signing.
Entrust’s nShield HSMs, with firmware v13.8.0, natively support NIST-validated post-quantum algorithms, enabling organizations to deploy quantum-safe security immediately. “This certification gives organizations the confidence that their nShield HSMs are post-quantum ready and recognized by the world’s leading standards body, NIST,” said Mike Baxter, Chief Technology and Product Officer at Entrust. The validation ensures robust protection for cryptographic keys, critical as quantum computing threatens traditional protocols.
The NIST CAVP validation confirms the strength of Entrust’s implementation of ML-DSA (digital signatures), ML-KEM (key encapsulation), and SLH-DSA (stateless hash-based signatures). The nShield 5 HSM firmware has been submitted for FIPS 140-3 Level 3 certification, reinforcing compliance with stringent security standards. This positions Entrust to meet the growing demand for quantum-resistant solutions, as highlighted at RSA Conference 2025, where HSMs were emphasized as critical for PQC migration.
Entrust’s nShield HSMs are trusted by organizations like the OpenSSL Corporation, which uses them for secure code signing to protect billions of secure communications globally. The PQC algorithms ensure scalability and flexibility, allowing enterprises to safeguard sensitive data against future quantum threats while maintaining compliance. The nShield Post-Quantum Option Pack, available since 2022, further supports testing and deployment of these algorithms in secure environments.
Entrust’s early adoption of NIST-validated PQC algorithms strengthens its market leadership, but widespread enterprise adoption may face challenges, including integration complexity and ecosystem support for new key sizes. The submission for FIPS 140-3 certification is a proactive step, yet delays in validation could impact deployment timelines. Competition from firms like Thales and Utimaco, also advancing PQC in HSMs, requires Entrust to maintain innovation momentum.
Entrust provides identity-centric security solutions to combat fraud and cyber threats. Its nShield HSMs offer tamper-resistant protection for cryptographic keys, supporting secure onboarding, everyday identity protection, and 360-degree visibility across keys and certificates. With a global partner network, Entrust serves customers in over 150 countries.
TechIntelPro empowers B2B technology decision-makers with the latest industry trends, deep insights, leadership perspectives and actionable intelligence to drive both organizational and professional milestones—and thrive on the tech pulse.