Key Management
Platform offers cryptographic key management and cryptographic operations.
info
Every cryptographic key management and operation in the platform are achieved through the Token Profile
. To perform any action on Key
, the Key
must be bound to Token Profile
. See Token Profile
for more information.
Operations on Key
includes:
- Create / Destroy
- Encrypt / Decrypt
- Sign / Verify
- Generate random data
Support for PQC algorithms
The platform implements support for post-quantum cryptography algorithms. The following PQC algorithms are supported:
- ML-DSA - based on CRYSTALS-Dilithium, lattice-based and the primary signature algorithm standardised by NIST - FIPS 204
- SLH-DSA - based on SPHINCS+, a stateless hash-based signature algorithm standardised by NIST - FIPS 205
- ML-KEM - based CRYSTALS-Kyber, a lattice-based and the primary key encapsulation mechanism standardised by NIST - FIPS 203
- FALCON (FN-DSA) - a lattice-based signature scheme, selected by NIST for standardisation