.png){kind=logo}
Interoperability and Future-Ready Cryptography
LAST UPDATED: JUNE 2025
This page is a living resource for ongoing interoperability testing. It aims to share knowledge, showcase current post-quantum cryptography (PQC) capabilities and interoperability between Keyfactor solutions and the broader ecosystem, and build awareness of evolving standards and use cases among PKI and signing professionals.
Disclaimer
Functionality may vary depending on the environment, platform, and software versions. While we strive to document our setup and testing environments as clearly as possible, we cannot guarantee that all features will work identically in other configurations.
Our Approach to Interoperability
We prioritize continuous integration of new cryptographic algorithms, protocols, and formats, focusing on:
Public Key Infrastructure (PKI)
Certificates for TLS/mTLS
Encryption and Key Exchange
Digital Signing and Verification
Certificate Lifecycle Management (CLM)
Through active collaboration with the wider ecosystem — including participation in industry hackathons (e.g., IETF PQC Hackathon), ACVP testing, and interoperability testing with OpenSSL, Cryptlib, WolfSSL and others — we ensure that our products remain aligned with both current and emerging needs.
Setting up Future-Ready PKI and Signing
As new post-quantum cryptography (PQC) standards are finalized, understanding their implications on PKI and signing becomes critical. This includes:
Hybrid Certificates: Combining PQC algorithms with classical algorithms (e.g., ML-KEM/RSA, ML-DSA/ECDSA).
New Key and Certificate Sizes: Affects bandwidth, storage, and performance.
New Signature Characteristics: Impacts signing speed and validation processing.
This page explores real-world interoperability use cases where these factors are critical, so engineers can plan and adopt solutions confidently.
Interoperability Test Cases and Results
Each section below highlights interoperability work per use case and lifecycle operation:
Issue, Renew/Rotate, Revoke, Sign, Encrypt, and Validate.
For each, we describe:
Why this interop matters now (e.g., upcoming standards, common real-world deployments)
Technical observations (e.g., key sizes, certificate formats, algorithm-specific behaviors)
Versions
The below interoperability tests requires specific versions of the components, equals or higher to:
Bouncy Castle 1.80 (except for private key encoding which is 1.81)
OpenSSL 3.5
EJBCA 9.3
SignServer 7.3
TLS 1.3 - Certificates and mTLS
Scope
PQC-enabled TLS 1.3 sessions
Mutual authentication (mTLS) using certificates issued by EJBCA and cryptographic libraries like OpenSSL and Bouncy Castle.
SLH-DSA has not been tested with TLS due to expectation that it will be too slow for TLS usage.
Component | Algorithms Used | Tools/Libraries | Interop Result | Notes |
|---|---|---|---|---|
Certificate Issuance | ML-DSA | EJBCA, BC, OpenSSL (>=3.5) | Successful | EJBCA-issued certs validated in OpenSSL |
Session Encryption | ML-KEM Key Exchange | OpenSSL, BC, Firefox, Chromium | Successful | mTLS encrypted with PQC key exchange between OpenSSL and BC |
Session Authentication | ML-DSA certificates | OpenSSL, BC | Successful | mTLS authenticated with PQC certificates between OpenSSL and BC |
Why this is important
TLS is foundational to secure communication. Ensuring PQC compatibility with TLS/mTLS is critical for a smooth crypto-agile transition.
Message Signing and Validation (CMS)
Scope
PQC signatures for code signing, container signing, SBOM attestations, and document signing (e.g., PDF) and time-stamping.
Component | Algorithms Used | Tools/Libraries | Interop Result | Notes |
|---|---|---|---|---|
Signing | ML-DSA, SLH-DSA | SignServer, BC, OpenSSL | Successful | CMS messages signed with SignServer verified across libraries |
Encryption | ML-KEM | BC, OpenSSL | Successful | Encrypted CMS messages decrypted across libraries |
Time-stamping | ML-DSA | SignServer, BC | In Progress |
Why this is important
Code, container, and document signing are critical to supply chain security and regulatory compliance. PQC support ensures future-proofed assurance.
Certificate Lifecycle Management (CLM)
Scope
Issuing, renewing, revoking, and managing PQC-enabled certificates.
Lifecycle Operation | Algorithms Used | Tools/Libraries | Interop Result | Notes |
|---|---|---|---|---|
CSR Generation | ML-DSA, SLH-DSA, LMS | BC, EJBCA, OpenSSL | Successful | CSRs generated and processed successfully |
Certificate Issuance | ML-DSA, SLH-DSA, LMS | EJBCA | Successful | |
Certificate Validation | ML-DSA, SLH-DSA, LMS | OpenSSL, BC | Successful | |
Revocation (CRL) | ML-DSA, SLH-DSA | EJBCA VA, OpenSSL, BC | Successful | CRLs issued by EJBCA validates across libraries |
Revocation (OCSP) | ML-DSA | EJBCA VA, OpenSSL | Successful | OCSP responses issued by EJBCA validates across libraries |
CMP | ML-KEM, ML-DSA | BC, EJBCA | Successful | CMP messages processed successfully, ML-DSA and ML-KEM certificates issued. |
ACME | ML-DSA | EJBCA, CertBot | Successful | Using CertBot with a ML-DSA CSR to issue certificate from EJBCA |
Why this is important
Effective CLM operations are key to maintaining security posture and trust — PQC must integrate into these lifecycles without disruption.
Storage Formats and Key Management
Scope
Testing interoperability of private keys and certificates in common formats (PEM, PKCS#12).
Format | Algorithms Used | Tools/Libraries | Interop Result | Notes |
|---|---|---|---|---|
PEM Key Storage | ML-DSA, SLH-DSA | BC, OpenSSL | In Progress | Private key format for ML-DSA changed late in the IETF draft. BC 1.81 will be interoperable with OpenSSL 3.5. BC FIPS libraries will also support this in 2.2.0. |
PKCS#12 Keystores | ML-DSA, SLH-DSA | BC, OpenSSL | In Progress |
Why this is important
Software generated private keys need to be possible to generate with one implementation (i.e. CA generated keys) and used by another implementation (i.e. OpenSSL based Apache/NGinx).
Hybrid and Composite Certificates
Scope
Certificates combining classical and PQC algorithms for gradual migration.
Certificate Type | Algorithms Used | Tools/Libraries | Interop Result | Notes |
|---|---|---|---|---|
Hybrid Certificates | ECDSA/ML-DSA | EJBCA, BC | Successful (basic) | Ongoing testing for edge cases |
Composite Certificates | ECDSA/ML-DSA | (future) | Planned | |
PKCS#12 dual key keystores | ECDSA/ML-DSA | (future) | Planned | Dual keys and one certificate |
Why this is important
If using hybrid certificates will be a valid migration process, handling all aspects including multiple private keys is critical.
Hardware Security Modules (HSMs)
Scope
PQC key operations with external HSMs.
A technical interoperability test indicated below as successful may not imply availability of commercial support in released products for all listed HSMs.
HSM Vendor | Algorithms Tested | ML-DSA External Mu | Interop Result | Notes |
|---|---|---|---|---|
Fortanix Data Security Manager | ML-DSA, LMS | Not yet | Successful | Max object size to sign is limited until external-mu ML-DSA is supported. |
Securosys CloudHSM | ML-DSA, LMS | Not yet | Successful | Max object size to sign is limited until external-mu ML-DSA is supported. |
CryptoNext Quantum-Safe library and SDK | ML-DSA | Not yet | Successful | Software development kit and SoftHSM |
Crypto4A QxEDGE | ML-DSA, LMS | Not yet | Successful | Max object size to sign is limited until external-mu ML-DSA is supported. |
Thales TCT | LMS | N/A | Successful | |
Thales Luna | In progress | |||
Utimaco uTrust | In progress |
Why this is important
For production use cases that needs security compliance it is critical that HSMs can be used for deployments of EJBCA and SignServer.
References and External Resources
IETF drafts:
https://datatracker.ietf.org/doc/draft-ietf-lamps-cms-ml-dsa/
https://datatracker.ietf.org/doc/draft-ietf-lamps-cms-kyber/
https://datatracker.ietf.org/doc/draft-ietf-lamps-dilithium-certificates/
https://datatracker.ietf.org/doc/draft-ietf-lamps-kyber-certificates/
For more product Interoperability and Certification information: