How hybrid certificates help with post-quantum transition

Oct 30, 2022

hybrid certificates help with post-quantum transition
Check out this video to learn how hybrid certificates help with post-quantum transition.

Video transcript:

Hello everyone. My name is John O’Connor, VP of Product Management at Crypto4A, a Venafi ecosystem partner and also partner with a company called ISARA that we’re going to talk a little bit about today.

They are making Catalyst also known as hybrid certificate technology, publicly available. This is an important announcement that’s going to help us all with the post-quantum crypto transition.

So, hybrid certificates are an extraordinarily elegant tool or methodology that can help us with the post-quantum transition. What’s very elegant about this methodology or technology is that it allows us to have backwards compatibility to our existing X509 certificate systems as we transition to a post-quantum future.

So, let’s use an analogy from our friends at ISARA. If you think about a credit card today, each credit card has multiple authentication methods on there. For example, with a modern credit card you can tap your credit card to pay, you can use your chip and pin, you can also swipe the magnetic strip and sign your credit card, or if you go way back, you can put it under the piece of paper and run the machine on top of it and then sign it. So, in essence, a credit card has inbuilt backwards compatibility regardless of where you decide to shop. For example, if you are in a store that does not support tap-to-pay, you can revert to chip and pin, if they do not support chip and pin, you revert to the magnetic stripe; you get what I mean there.

Now let’s think about how inconvenient that would be if we did not have built-in backward compatibility to our credit cards. For one of your credit card accounts you may have to carry three different credit cards depending on the method of payment that would be accepted. Highly inconvenient. So, we take that fact and think about hybrid certificates; this is where the very elegant solution with this hybrid certificate technology comes into play in that it allows us to add multiple additional post-quantum signatures to a standard X509 certificate. So, what this means is that we can leverage that X509 certificate even in places that do not support the new post-quantum extension.

So, coming back to the credit card analogy, you’ll see that rather than having to stand up multiple systems with multiple different keys and multiple certificates, the hybrid certificate technology allows us to have that analogy of the credit card, but we can use these certificates today and in the future to allow us a very smooth post-quantum transition.

Thank you and if you’d like more information, please look us up on the Venafi Marketplace or reach out to us at If you have any questions, we’d be more than happy to help you with your post-quantum transition.

Check the video on YouTube.

Contact Us

Want to know more about how our systems work? Thinking about partnering with us? We are here to help. Just reach out through the link below and we'll get back to you as soon as possible.