Echoworx Prepares for Quantum Computing

While large-scale quantum computers are still a decade or two away, the clock is ticking.

The risk of “Harvest Now, Decrypt Later” is real.

Encrypted data, particularly emails in transit over TLS, could be intercepted today and decrypted once quantum computing matures, exposing sensitive information.

The window to prepare is narrowing.

Migrating to quantum-resistant algorithms isn’t an overnight process—it requires foresight, planning, and execution. Failure to act now could leave organizations scrambling to adapt when the quantum era arrives.

Echoworx uses AES keys (quantum resistant) with AWS KMS, so the persisted data is stored in a quantum resistant manner. S/MIME keys, PGP private keys, PDF passwords, and portal messages are all persisted encrypted with AES encryption without any PKI.

That said, certain areas remain vulnerable to quantum-based threats.

For instance, portal messages use PKI as part of the Encrypted Mail Gateway for message exchange, leaving communications recorded by an attacker potentially susceptible to future quantum decryption. While this risk is mitigated by the similarly vulnerable TLS protocols used to send messages, the absence of standardized quantum-resistant TLS solutions means there’s no immediate fix.

Echoworx is closely monitoring developments in post-quantum standards and plans to adopt widely supported solutions as they emerge.

AWS has introduced a hybrid post-quantum TLS protocol for KMS API calls as a defense against potential attacks where encrypted communications are stored and later decrypted by quantum computers. If attackers were to record these calls, they could theoretically break the encryption once advanced quantum computers are developed. AWS’s hybrid TLS seeks to address this scenario, and Echoworx anticipates implementing this in near future.

NIST recently approved three post-quantum cryptographic algorithms:

• FIPS 203 (ML-KEM)
• FIPS 204 (ML-DSA) and,
• FIPS 205 (SLH-DSA).

Echoworx plans to follow NIST recommendations by adopting hybrid encryption solutions, combining classical cryptographic methods with quantum-safe alternatives.

This approach aims to ensure a smooth transition from current encryption standards to post-quantum cryptography.

Systems must support post-quantum cryptography (PQC) algorithms, which often demand greater computational power than traditional methods.

Transitioning to PQC will require overhauls to cryptographic libraries, protocols, hardware, and organizational practices. Echoworx plans a phased rollout, prioritizing compatibility, performance, and security at every step.

At Echoworx, all staff members receive ongoing training on evolving security threats and transformations, with a focus on email security and encryption. As PQC technology advances, Echoworx personnel will stay updated.

The Product Management team is leading the development of a roadmap toward a fully PQC-resistant product for global enterprises while ensuring knowledge sharing across the organization as the PQC landscape evolves.

Echoworx has closely followed developments from NIST in recent years, alongside insights from industry experts and cryptographic leaders—and will continue to monitor these critical areas.

Echoworx plans to integrate PQC algorithms into its infrastructure and applications, followed by annual audits and assessments to uphold its reputation for strong security.

Updates will be made promptly, aligning with best practices and long-term PQC planning.