Fortinet boosts quantum security for firewall and SD-WAN clients

Fortinet updated its FortiOS operating system to protect against quantum-computing threats.

The FortiOS 7.6 update includes what are described as “quantum-safe features” designed to defend against threats such as harvest-now, decrypt-later (HNDL) attacks.

The features are available for FortiGate NGFW and Fortinet Secure SD-WAN customers. Among them are PQC methods which include algorithms approved by the National Institute of Standards and Technology (NIST) in its aim to standardize PQC.

Of these algorithms, Fortinet names ML-KEM, a mechanism that allows two parties to establish a shared secret key over a public channel. Theoretically, this allows for security against attackers in possession of a quantum computer.

There is also support for NIST’s preferred PQC standard, dubbed HQC (Hamming Quasi-Cyclic), which is based on error-correcting codes.

The latest additions come alongside pre-established features in the Fortinet OS, including support for quantum key distribution (QKD) integrations, algorithm stacking, and a hybrid mode for the incorporation of traditional public-key cryptography and QKD.

The latter is positioned as a gradual transition for enterprises into post-quantum security in anticipation of the "Q-Day" threat, when a quantum computer becomes powerful enough to break widely used encryption methods. That is expected to happen sometime in the 2030s.

FortiOS 7.6 also includes BIKE, a key encapsulation mechanism based on code and designed for several CPU architectures, particularly 64-bit ARM and x86 processors.

The updates come after Fortinet’s recent commendation from analyst powerhouse Gartner for its existing PQC capabilities alongside its traditional security offerings. Gartner ranked Fortinet alongside rivals, including Palo Alto and Cato Networks as a “leaders” in the secure access service edge (SASE) market.

Palo Alto Networks started to implement quantum-resistant capabilities last year, while startup QuSecure has launched a quantum-safe encryption to Cisco routers.

Quantum efforts have also poured into the networking space, with U.S.-based IonQ recently drawing new funds to the tune of $1 billion as part of its aim to drive quantum networking opportunities.