OASIS ratifies PKCS #11 standards for post-quantum security
OASIS Open has approved PKCS #11 Specification Version 3.2 and PKCS #11 Profiles Version 3.2 as standards, adding post-quantum cryptography support and new interoperability rules for widely used security systems. The move aims to help vendors and organizations harden hardware, cloud, and certificate infrastructure without breaking existing deployments.
Why it matters: - OASIS approval gives PKCS #11 Version 3.2 the highest level of ratification inside the standards body. - The update strengthens Cryptoki, the API used by hardware security modules, smart cards and certificate authority systems. - The standards are meant to help organizations prepare for post-quantum threats while keeping existing security infrastructure in place.
What happened: - OASIS Open said PKCS #11 Specification Version 3.2 and PKCS #11 Profiles Version 3.2 have been approved as OASIS Standards. - The announcement was made July 15, 2026. - The standards update focuses on cryptographic interoperability across cloud and hardware environments.
The details: - PKCS #11 Specification Version 3.2 adds support for post-quantum cryptographic mechanisms. - The specification also adds extended interface capabilities and improved vendor extensions. - PKCS #11 Profiles Version 3.2 defines conformance clauses for consistent implementations across vendors and deployment environments. - The updated files are available in the OASIS library as freely accessible standards. - OASIS said PKCS #11 is already embedded in security infrastructure used by organizations worldwide. - The PKCS #11 Technical Committee said Version 3.2 provides a stronger, cleaner Cryptoki interface and a foundation for addressing emerging threats while maintaining compatibility with existing security infrastructure. - The committee is asking architects, designers and implementers to participate through OASIS membership. - OASIS said interested parties can contact join@oasis-open.org for more information.
Between the lines: - The standards push reflects growing pressure on security vendors to plan for quantum computing without forcing a redesign of deployed systems. - Support from companies including IBM and Entrust Security suggests the update has practical relevance for vendors that already ship PKCS #11-based products. - The committee’s call for broader participation signals an effort to keep the standard usable across different implementations and markets.
What's next: - Vendors and implementers can now use PKCS #11 Version 3.2 as a standards-based path to post-quantum readiness. - OASIS is seeking more global input as the Technical Committee continues work on cryptographic interoperability. - IBM said its openCryptoki project now includes PQC algorithm support with version 3.27. - Entrust Security said it supports the ratification of PKCS #11 version 3.2 and has supported PKCS #11 since launching its first nShield HSM in 1998.
The bottom line: - OASIS has formalized a new PKCS #11 baseline for post-quantum security, aiming to keep cryptographic systems interoperable as quantum risk rises.
Disclaimer: This article was produced by AGP Wire with the assistance of artificial intelligence based on original source content and has been refined to improve clarity, structure, and readability. This content is provided on an “as is” basis. While care has been taken in its preparation, it may contain inaccuracies or omissions, and readers should consult the original source and independently verify key information where appropriate. This content is for informational purposes only and does not constitute legal, financial, investment, or other professional advice.
Sign up for:
Cryptocurrency Insider Today
The daily local news briefing you can trust. Every day. Subscribe now.
Check Your Email!
We sent a one-time activation link to: .
Confirm it's you by clicking the email link.
If the email is not in your inbox, check spam or try again.
Welcome back!
is already signed up. Check your inbox for updates.