Crypto-Agile Identity Infrastructure for eIDAS 2.0 (CAII)

Alex Westerhof

Impierce Technologies has been awarded a grant from the Cybersecurity Innovation Fund (CIF-NL), coordinated by the Netherlands Cybersecurity Coordination Centre (NCC-NL) and administered by the Netherlands Enterprise Agency (RVO).
With the support of this grant, we are accelerating a planned initiative on our roadmap: building crypto-agility directly into our trust infrastructure products. Our goal is to make the cryptographic transition to quantum-resistant identity and verifiable credentials seamless, effortless, and accessible to organizations of all sizes.
The Shift to Crypto-Agility
At its core, crypto-agility is the ability to swap cryptographic algorithms on the fly without breaking operations. As quantum computing advances, this capability ensures organizations can seamlessly adapt to new security standards and mitigate emerging threats without facing a disruptive overhaul.
The transition to business wallets for organizations and personal wallets for end users under eIDAS 2.0 represents a paradigm shift in digitizing trust. However, current implementations are hard-wired to a single classical signature algorithm, typically Ed25519. Its security rests on the elliptic-curve discrete logarithm problem, which a sufficiently large quantum computer running Shor's algorithm would solve, so a fixed dependency on it is a systemic risk: if the algorithm falls, every credential signed with it can be forged, identities are exposed, and the trust chain is broken. To address this gap, we will build crypto-agility directly into our trust infrastructure products, using the NIST post-quantum digital signature standard ML-DSA (FIPS 204). This will enable UniTrust to issue quantum-resistant verifiable credentials.
Dual Signatures Control
By leveraging dual-signing, companies will be able to issue credentials via UniTrust carrying two distinct signatures over the same credential: the current industry standard (Ed25519) and a post-quantum signature (PQS) produced with ML-DSA. UniTrust will remove the complexity around this, enabling issuing organizations to activate post-quantum validation with a simple toggle. As soon as quantum computing necessitates a shift, or a use case demands the highest degree of assurance, organizations can choose exactly when to enforce PQS validation based on their own risk tolerance. Once activated, credential validation switches to the PQS and ignores the Ed25519 signature. Two points matter for the toggle to deliver the protection it promises: it must be enforced on the verifier side, not merely signalled by the credential, and once enforced, a credential that arrives without a post-quantum signature must be rejected rather than falling back to Ed25519, otherwise an attacker could simply strip the PQS and downgrade the check to the classical signature.
Frictionless End-User Experience
This approach ensures that the transition to post-quantum resistant credentials will be seamless and non-disruptive for individuals. Because every credential is dual-signed at issuance, it is already PQS-ready, which removes the need for a future mass re-issuance when an organization using UniTrust decides to switch to PQS validation. UniMe wallet users will not notice a change as the security foundation evolves in the background, and they keep uninterrupted access to critical digital and physical services while the underlying protocols are upgraded around them. There is a cost to plan for: Ed25519 validates with low latency and its signatures are 64 bytes with 32-byte public keys, whereas ML-DSA signatures and public keys run to several kilobytes (an ML-DSA-65 signature is 3309 bytes, its public key 1952 bytes), so enforcing PQS validation adds transmission, storage and verification overhead. Our target is to keep that overhead small enough that the end-user experience stays fluid and uninterrupted, and we look forward to putting this to the test in live physical access settings, benchmarking current performance against PQS validation to pioneer practical quantum-safe entry solutions.
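The verifier-side policy described in the two paragraphs above, as an added example written for this article rather than code from UniTrust or UniMe: one credential carries an Ed25519 signature and a post-quantum signature over the same payload, a policy toggle decides which one is enforced, and under the post-quantum policy a credential whose PQ signature has been stripped is rejected instead of falling back to Ed25519. Go's standard library has no ML-DSA, so a second Ed25519 key stands in for the FIPS 204 signer purely to make the policy logic runnable; the `Scheme` type, the algorithm names, the field names and the sample payload are all assumptions of this example, and in production the PQ slot would be filled by a real ML-DSA implementation.

```go
package main

import (
	"bytes"
	"crypto/ed25519"
	"crypto/rand"
	"errors"
	"fmt"
)

// Policy is the verifier-side toggle: which of the two signatures is enforced.
type Policy int

const (
	PolicyClassical Policy = iota // check Ed25519; the PQ signature is carried but not checked
	PolicyPQS                     // check the post-quantum signature; Ed25519 is ignored
)

// Scheme abstracts a signature algorithm so a real ML-DSA implementation can be
// dropped in without touching the policy code. A verifier would hold only Verify.
type Scheme struct {
	Name   string
	Sign   func(msg []byte) []byte
	Verify func(msg, sig []byte) bool
}

// newEd25519Scheme generates a fresh key pair and binds it into a Scheme.
func newEd25519Scheme(name string) Scheme {
	pub, priv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		panic(err)
	}
	return Scheme{
		Name:   name,
		Sign:   func(msg []byte) []byte { return ed25519.Sign(priv, msg) },
		Verify: func(msg, sig []byte) bool { return ed25519.Verify(pub, msg, sig) },
	}
}

// Credential: one payload, two detached signatures over exactly the same bytes.
type Credential struct {
	Payload      []byte
	ClassicalAlg string
	ClassicalSig []byte
	PQAlg        string
	PQSig        []byte // nil for a legacy credential issued without dual-signing
}

// Issuer signs every credential with both schemes at issuance time.
type Issuer struct {
	Classical, PQ Scheme
}

func (i Issuer) Issue(payload []byte) Credential {
	return Credential{
		Payload:      payload,
		ClassicalAlg: i.Classical.Name,
		ClassicalSig: i.Classical.Sign(payload),
		PQAlg:        i.PQ.Name,
		PQSig:        i.PQ.Sign(payload),
	}
}

var (
	ErrBadSignature = errors.New("signature does not verify")
	ErrMissingPQSig = errors.New("post-quantum signature required but absent")
	ErrUnknownAlg   = errors.New("unexpected algorithm identifier")
)

// Verify applies the policy. Under PolicyPQS a credential without a PQ signature
// is rejected outright: falling back to the classical signature would let an
// attacker strip the PQ signature and downgrade the check.
func Verify(c Credential, p Policy, classical, pq Scheme) error {
	switch p {
	case PolicyClassical:
		if c.ClassicalAlg != classical.Name {
			return ErrUnknownAlg
		}
		if !classical.Verify(c.Payload, c.ClassicalSig) {
			return ErrBadSignature
		}
		return nil
	case PolicyPQS:
		if len(c.PQSig) == 0 {
			return ErrMissingPQSig
		}
		if c.PQAlg != pq.Name {
			return ErrUnknownAlg
		}
		if !pq.Verify(c.Payload, c.PQSig) {
			return ErrBadSignature
		}
		return nil
	}
	return errors.New("unknown policy")
}

// Demo walks through the transition and returns the verification result per case
// (nil means accepted). The PQ scheme is an Ed25519 placeholder for ML-DSA.
func Demo() map[string]error {
	classical := newEd25519Scheme("Ed25519")
	pq := newEd25519Scheme("ML-DSA-65-PLACEHOLDER") // stand-in: stdlib has no ML-DSA
	issuer := Issuer{Classical: classical, PQ: pq}

	// Constructed sample payload for the example.
	cred := issuer.Issue([]byte(`{"sub":"contractor-42","clearance":"server-room-B"}`))

	stripped := cred // downgrade attempt: remove the PQ signature
	stripped.PQSig = nil

	tampered := cred // forged payload presented with the original signatures
	tampered.Payload = bytes.Replace(cred.Payload, []byte("server-room-B"), []byte("server-room-A"), 1)

	return map[string]error{
		"classical/valid":    Verify(cred, PolicyClassical, classical, pq),
		"pqs/valid":          Verify(cred, PolicyPQS, classical, pq), // same credential, no re-issuance
		"classical/stripped": Verify(stripped, PolicyClassical, classical, pq),
		"pqs/stripped":       Verify(stripped, PolicyPQS, classical, pq),
		"pqs/tampered":       Verify(tampered, PolicyPQS, classical, pq),
	}
}

func main() {
	for name, err := range Demo() {
		fmt.Printf("%-20s -> %v\n", name, err)
	}
}
```

The same credential passes under both policies, which is what makes flipping the toggle a no-re-issuance operation; the stripped credential still passes under the classical policy, since before the switch the PQ signature is not consulted, but fails under the post-quantum policy with a distinct error so an operator can tell a downgrade attempt from a bad signature.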
Immutable Resilience
UniTrust utilizes event sourcing, which records every action sequentially and immutably, creating a history for audit trails and triggering immediate business workflows upon credential issuance or verification. Separately, the optional distributed ledger technology layer acts as a decentralized trust anchor that stores public keys tied to an organizational identity; keys can be added, removed, or rotated, and keys for several signature algorithms can be published side by side, which is what lets a verifier resolve both the Ed25519 and the ML-DSA key of an issuer. The layer also publishes revocation status in a form that lets verifiers check it without learning who the credential holder is, carrying zero personally identifiable information (PII). Pairing this with dual-signature capabilities that enable PQS readiness deepens resilience and future-proofs organizations as cryptographic standards change.
Real-World Applications
Crypto-agility and quantum resistance are foundational requirements for any organization that will be issuing and managing high-value digital credentials. If the signature algorithms these credentials rest on are broken, which quantum computing advances and their eventual commercial availability make a matter of time rather than possibility, the integrity of entire trust ecosystems collapses. By implementing dual-signature verifiable credentials and enabling dynamic cryptographic switching, we address critical areas such as:
Critical Facilities & Infrastructure:
Power grids, data centers, and public transit networks rely on secure digital and physical trust interactions. When an operator provisions infrastructure access clearances to an external contractor's wallet, a cryptographic failure could create a national security vulnerability. If classical keys are compromised via quantum computing, unauthorized parties could forge active credentials to systematically bypass physical gates, unlock server room doors, or access restricted perimeters undetected.
Perimeter Resilience & Instant Revocation:
In mission-critical environments like energy grid facilities, defense installations or data centers, access control demands absolute certainty. Enforcing a strict PQS validation path lengthens the verification cycle, mainly because post-quantum signatures and public keys are far larger than their Ed25519 counterparts, but it delivers an uncompromising layer of security. The operational benefit is realized when an individual with widespread clearance across multiple secure zones leaves the company or has their access stripped: the moment their credential is revoked, the new status is visible to every gate and platform that checks revocation at verification time, locking them out of every physical gate and/or digital platform simultaneously.
High-Assurance Civic Identity (eIDAS 2.0):
Under the eIDAS 2.0 framework, municipal digital IDs and the credentials issued for major life events, such as birth registrations, marriage certificates, or property deeds, carry significant legal weight and must remain valid for decades. Issuing these long-lived civic credentials creates a liability if the underlying classical cryptography fails due to quantum advancements later in a citizen's life: once the Ed25519 private key of an issuer can be recovered from its public key, anyone can produce signatures indistinguishable from the municipality's own, so historical civic records could be retroactively forged or altered. By utilizing PQS-ready, dual-signature credentials, municipalities can issue standard credentials for immediate use with an embedded post-quantum safeguard. As the quantum threat matures, local governments can switch their verification systems to enforce strict PQS validation, after which the classical signature no longer plays a role in acceptance. This keeps sensitive citizen records resistant to forgery over their entire lifecycle, without requiring mass re-issuance of long-lived credentials.
If you are interested in learning more, drop us a message and let’s start a conversation.
We welcome the opportunity to connect, share insights, and dive into the finer details.
Additional information can be found at: