Crypto-Agile Identity Infrastructure for eIDAS 2.0 (CAII)

Alex Westerhof

Impierce Technologies has been awarded a grant from the Cybersecurity Innovation Fund (CIF-NL), coordinated by the Netherlands Cybersecurity Coordination Centre (NCC-NL) and administered by the Netherlands Enterprise Agency (RVO).
With the support of this grant, we are accelerating a planned initiative on our roadmap: building crypto-agility directly into our trust infrastructure products. Our goal is to make the cryptographic transition to quantum-resistant identity and verifiable credentials seamless, effortless, and accessible to organizations of all sizes.
The Shift to Crypto-Agility
At its core, crypto-agility is the ability to swap cryptographic algorithms on the fly without breaking operations. As quantum computing advances, this capability ensures organizations can seamlessly adapt to new security standards and mitigate emerging threats without facing a disruptive overhaul.
The transition to business wallets for organizations and personal wallets for end users under eIDAS 2.0 represents a paradigm shift in digitizing trust. However, current implementations rely on fixed cryptographic algorithms such as Ed25519, which creates a systemic vulnerability as quantum computing advances. If these algorithms are compromised, identities are exposed and the trust chain breaks. To address this gap, we will build crypto-agility directly into our trust infrastructure products, using ML-DSA (FIPS 204), the NIST post-quantum digital signature standard. This will enable UniTrust to issue quantum-resistant verifiable credentials.
Dual Signatures Control
By leveraging dual-signing, companies will be able to issue credentials via UniTrust containing two distinct signatures: the current industry standard and a post-quantum signature (PQS). UniTrust will remove the complexity around this, enabling issuing organizations to activate post-quantum validation with a simple toggle. As soon as quantum computing necessitates a shift or a use case demands the highest degree of security, organizations can choose exactly when to enforce PQS validation based on their specific risk tolerance. Once activated, credential validations switch to PQS and ignore the Ed25519 signatures, achieving post-quantum protection.
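As an added illustration of the toggle described above (example code, not UniTrust's implementation), the Go verifier below enforces exactly one signature slot per credential and fails closed when PQS validation is switched on but the credential carries no PQS signature. ML-DSA is not in the Go standard library, so the PQS slot is exercised with a second Ed25519 key behind the same interface; the type, field and function names are assumptions.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"errors"
)

// Mode is the verifier-side toggle: exactly one signature slot is enforced, the other ignored.
type Mode int
const ClassicalMode Mode = 0 // enforce the Ed25519 slot, ignore the PQS slot
const PQSMode Mode = 1       // enforce the PQS slot, ignore the Ed25519 slot

// Verifier abstracts the algorithm behind a slot so it can be swapped without touching policy.
type Verifier interface{ Verify(msg, sig []byte) bool }
type ed25519Verifier struct{ pub ed25519.PublicKey }
func (v ed25519Verifier) Verify(msg, sig []byte) bool { return ed25519.Verify(v.pub, msg, sig) }

// Credential carries the signed payload and one signature per slot; Keys holds the issuer's
// public verifier per slot (PQS is nil for a classical-only issuer). Field names are assumed.
type Credential struct{ Payload, Classical, PQS []byte }
type Keys struct{ Classical, PQS Verifier }
var ErrMissingPQS = errors.New("PQS validation enforced but no PQS key or signature present")
var ErrBadSignature = errors.New("signature verification failed")

// VerifyCredential enforces only the slot selected by mode; a missing PQS key or
// signature in PQSMode fails closed rather than falling back to Ed25519.
func VerifyCredential(c Credential, k Keys, mode Mode) error {
	v, sig := k.Classical, c.Classical
	if mode == PQSMode {
		if k.PQS == nil || len(c.PQS) == 0 {
			return ErrMissingPQS
		}
		v, sig = k.PQS, c.PQS
	}
	if !v.Verify(c.Payload, sig) {
		return ErrBadSignature
	}
	return nil
}

// IssueDual signs the payload once per slot. ML-DSA is not in the Go standard library, so
// the PQS slot uses a second Ed25519 key as a stand-in; the policy above does not depend on it.
func IssueDual(payload []byte) (Credential, Keys, error) {
	cPub, cPriv, err1 := ed25519.GenerateKey(rand.Reader)
	pPub, pPriv, err2 := ed25519.GenerateKey(rand.Reader)
	if err1 != nil || err2 != nil {
		return Credential{}, Keys{}, errors.Join(err1, err2)
	}
	c := Credential{payload, ed25519.Sign(cPriv, payload), ed25519.Sign(pPriv, payload)}
	return c, Keys{ed25519Verifier{cPub}, ed25519Verifier{pPub}}, nil
}
```

The same policy object works unchanged once a real ML-DSA implementation sits behind the PQS slot's Verifier; only the key material changes.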
Frictionless End-User Experience
This approach ensures that the transition to quantum-resistant credentials will be seamless and non-disruptive for individuals. Because credentials are dual-signed at issuance, they are PQS-ready from day one, eliminating the need for a future mass re-issuance when an organization using UniTrust decides to switch to PQS validation. UniMe wallet users will not notice a change as the security foundation evolves in the background. This allows end users to maintain uninterrupted access to critical digital and physical services, even as the underlying security protocols are upgraded around them. Ed25519 signatures validate with relatively low latency; migrating to PQS validation will introduce a performance overhead, but one that still preserves a fluid, uninterrupted experience for the end user. We look forward to putting this to the test in live physical access settings, benchmarking current performance against PQS validation to pioneer practical quantum-safe entry solutions.
Immutable Resilience
UniTrust uses event sourcing, which records every action sequentially and immutably, creating a history for audit trails and triggering immediate business workflows upon credential issuance or verification. Separately, the optional distributed ledger technology layer acts as a decentralized trust anchor that stores public keys tied to an organizational identity; these keys can be added, removed, or rotated, and may use several different cryptographic algorithms. In addition, the ledger holds anonymous cryptographic state for revocation checks, leaving no personally identifiable information (PII) footprint on the decentralized ledger. Pairing this with dual-signature capabilities that enable PQS readiness deepens resilience and future-proofs organizations as cryptographic standards change.
Real-World Applications
Crypto-agility and quantum resistance are foundational requirements for any organization that issues and manages high-value digital credentials. When these security rails fail as quantum computing advances and becomes commercially viable, the integrity of entire trust ecosystems collapses. By implementing dual-signature verifiable credentials and enabling dynamic cryptographic switching, we address critical areas such as:
Critical Facilities & Infrastructure:
Power grids, data centers, and public transit networks rely on secure digital and physical trust interactions. When an operator provisions infrastructure access clearances to an external contractor's wallet, a cryptographic failure could create a national security vulnerability. If classical keys are compromised, unauthorized parties could forge active credentials to systematically bypass physical gates, unlock server room doors, or access restricted perimeters undetected.
Perimeter Resilience & Instant Revocation:
In mission-critical environments like national energy grid facilities, defense installations or data centers, access control demands absolute certainty. While enforcing a strict PQS-ready validation path introduces a longer verification cycle due to the heavier nature of post-quantum algorithms, it delivers an uncompromising layer of security. A key benefit of utilizing verifiable credentials for access control is realized during high-risk offboarding. When an individual’s clearance is stripped, the issuer updates a status list in near real-time. Authorized digital platforms and physical gates checking this list can instantly detect the revocation, preventing unauthorized entry across multiple secure zones.
High-Assurance Civic Identity:
Under eIDAS 2.0, municipal credentials for major life events (births, marriages, deeds) carry significant legal weight and must remain valid for decades. However, long-lived civic records face a severe liability: future quantum advancements could allow attackers to retroactively forge or alter historical signatures.
By utilizing PQC-ready, dual-signature credentials from day one, municipalities can embed a quantum-safe safeguard directly into these long-lived assets. As the quantum threat matures, local governments can seamlessly transition and enforce strict post-quantum validation when required. Because the post-quantum keys were already embedded at the time of origin, this transition ensures sensitive citizen records remain immune to forgery over their entire lifecycle, without requiring a costly mass re-issuance of credentials down the road.
If you are interested in learning more, drop us a message and let’s start a conversation.
We welcome the opportunity to connect and share insights.
Additional information can be found at: