We occasionally get asked about PQC support and our position on the threat to Canton / Canton Network from quantum computing. Below are some thoughts on the topic:
Digital Asset is tracking the state of quantum computing and the potential for these devices to break current cryptographic ciphers and algorithms. The industry believes that quantum computers large enough to crack current cryptography are still an estimated 5-10 years away. It is also expected that faster PQC algorithms will appear over the next 2-3 years. Only recently have standards started to appear for Post-Quantum Cryptography (PQC) algorithms (e.g. FIPS 203/204/205 from NIST), and production-ready library implementations of them are still outstanding.
Canton has implemented a pluggable approach to cryptography, allowing us to add new signature and asymmetric encryption schemes. However, support for these in libraries, browsers and server software, and the issuance of TLS certificates using them is still outstanding.
The key risk remains "store now, decrypt later", where sensitive information with a long lifetime is captured today and stored for decryption once quantum computers with enough capability arrive. The design of Canton minimizes data distribution as part of its privacy features, which removes the ability to capture a single "state" of the whole ledger for such attacks. Once TLS support for PQC is available, this will block many store-now-decrypt-later style attacks.
Digital Asset uses industry standard cryptographic algorithms and we continue to assess migration paths towards a PQC world.
For answers to many questions on our security posture, please see our Trust Center.