View PQC Support Details

Post-quantum cryptography (PQC) refers to cryptographic algorithms specifically designed to remain protected against potential attacks by quantum computers. The PQC replaces the public-key algorithms with new mathematical methods that are secure against attacks from quantum computers.

Once your host sites are resolved and scanned, the listed certificates show the PQC-support status on the Monitored tab. You can also view the PQC-supported certificates on the Assets tab under the Assets and Host Instances tabs.

Prerequisites

You must include QID 38994 in your Option profile for PQC support, as this QID reports whether the server supports the PQC key exchange algorithm.

View PQC-supported Certificates on Monitored tab

You can view the details such as the organization name, PQC support status, issuer information, PQC-supported algorithms used, host instances, and certificate path of certificates discovered on your assets. 

To view the details, go to Certificates tab > Monitored.

The PQC support status is displayed for each certificate. 

The listed certificates indicate the statutes, specifying whether they are PQC-supported, unsupported, partially supported, not applicable, or support available for zero instances. With this, you can ensure the security of the enlisted certificates data.

 Also, you can expand  option to view the listed assets under that particular certificate. If a certificate has more than five associated assets, you can click View All to navigate to the Assets tab and access the complete details.

Similarly, you can view the details on the Assets tab under Assets and on Host Instances tab.

View PQC-supported Assets on the Assets tab

You can view the details such as the asset name, PQC support status, supporting OS, PQC-supported algorithms used, host instances, grades, and certificate path of certificates discovered on your assets. 

To view the details, go to Assets tab > Assets.

The PQC support status is displayed for each asset.

View PQC-supported Assets on the Host Instances tab

You can view the details such as the asset name, PQC support status, PQC-supported algorithms used, host instances, grades, and certificate path of certificates discovered on your assets. 

To view details, go to Certificates tab > Monitored tab. Click View Details from the Quick Actions menu of the selected certificate, and click Hosts.

The PQC support status is displayed for each asset.

View Multiple PQC-supported KEM Algorithms on the Certificates and Assets tabs

You can view multiple PQC-supported Key Encapsulation Mechanism (KEM) algorithms linked to the certificates and assets on the Assets and Certificates tabs. 

To view the functionality, go to the Certificates tab > Monitored sub tab, and click  icon to view associated assets. Click the plus icon in the KEM algorithm column to view the list of all the KEM algorithms for the associated asset.

Similarly, you can view this functionality in the Assets Tab.

To view the functionality, Go to the Assets tab > Assets sub tab, click  icon to view associated certificates. Click the plus icon in the KEM algorithm column to view the list of all the KEM algorithms for the associated certificate.

View PQC-Supported Cipher Suites

You can view the PQC support for Certificates and Assets tabs at a granular level for each cipher suite. 

To view the details under the Certificates tab, go to the Certificates tab > Monitored sub tab, and click  icon of a certificate to view the associated assets. Click the Grade icon to access the grade summary. Under the grade summary, expand the Cipher Suite option to view the Cipher Suite details. 

Here, in the Cipher Suite details, you can view the supported Key Exchange Algorithms, and PQC Support, indicating whether the cipher suite is PQC-supported (true or false), along with the other details such as Cipher Suite Name, Category, Strength, and Forward Secrecy support for each cipher suite (Yes or No), indicating whether the Cipher Suite provides forward secrecy, ensuring the session keys remain secure even if the private key is exposed.

Similarly, you can view the Cipher Suite details in the Assets tab.

Go to Assets tab > Assets sub tab, click  icon to view associated certificates. Click the Grade icon to access the summary. Under the grade summary, expand the Cipher Suite option to view the Cipher Suite details.