Quantum advances threaten current code signing because quantum computers could forge signatures by breaking traditional public key algorithms. The paper explains that secure code signing depends on protecting private keys in hardware, since stolen keys allow attackers to distribute malicious software. To prepare for the quantum era, organizations must adopt post quantum cryptography, including hash based signatures like LMS and HSS or newer ML DSA algorithms, following standards such as NIST SP 800 208 and CNSA 2.0. Thales Luna HSMs provide a crypto agile, tamper resistant environment for generating, storing and using quantum resistant signing keys, ensuring software integrity through the transition to PQC.

Join for free to read