SafeLogic Adds Comprehensive Post-Quantum Cryptography (PQC) Capabilities to CryptoComply Go

New Version is the First Cryptographic Software to Offer Comprehensive PQC Support for Go Developers

SafeLogic today announced the immediate availability of CryptoComply Go v4.0 featuring comprehensive post-quantum cryptography (PQC) algorithm support.  This new version includes all NIST-standardized PQC algorithms, enables hybrid mode that combines PQC with FIPS-certified classical cryptography, and optionally works with SafeLogic’s NIST ESV-certified entropy source. CryptoComply Go v4.0 is the industry’s first FIPS 140-3 certified cryptography software package for Go with enterprise support that includes comprehensive PQC capabilities for Go developers.

Originally developed by Google, Golang is widely recognized for its simplicity, efficiency, and powerful concurrency model. It’s quickly become the language of choice for:

• Cloud-native applications
• Distributed systems and microservices
• Embedded and IoT platforms
• Security-focused architectures

As adoption grows in security-sensitive industries like finance, healthcare, and government, Golang developers face growing demand for FIPS 140-3 validated cryptography that offers the latest PQC capabilities.

Post-Quantum Cryptography Support
NIST has been working to identify and standardize cryptographic algorithms that will not be susceptible to quantum computer attacks since 2017.  In August 2024, it standardized a first set of post-quantum cryptography (PQC) algorithms. CryptoComply Go v4.0 includes support for all three of these NIST-standard PQC algorithms:

• ML-KEM (FIPS 203), short for Module-Lattice Key Encapsulation Mechanism, enables parties to establish shared secrets, like symmetric encryption keys, over insecure networks in the presence of both quantum and classical computers. It was designed to be used in TLS/SSL, VPNs, encrypted messaging apps, and government or military communications
• ML-DSA (FIPS 204), which stands for Module-Lattice Digital Signature Algorithm, is a digital signature scheme for verifying identity, integrity, or authenticity that is secure against both classical and quantum computers. It is designed to deliver fast signature generation and verification, as well as reasonable key and signature sizes for a PQC algorithm. Typical use cases for ML-DSA include secure software updates, certificate signing, email, and document signing, and applications requiring authenticated and tamper-proof digital communication
• SLH-DSA (FIPS 205), which stands for Stateless Hash-Based Digital Signature Algorithm, is also a quantum-resistant digital signature scheme. It employs proven and secure hashing that is not vulnerable to quantum computer attacks. Also since it is stateless, it simplifies implementation. SLH-DSA features relatively small public keys (albeit with relatively large signatures), which can make it a better option than ML-DSA for certain use cases.

Hybrid PQC/FIPS-Validated Mode
Some organizations subject to FIPS 140 also need PQC because they have sensitive data with long-term value at risk to Harvest Now, Decrypt Later (HNDL) attacks. However, no PQC implementations have yet received FIPS 140 certification. CryptoComply Go v4.0 supports hybrid mode by combining SafeLogic’s FIPS 140-3 validated algorithms used in CryptoComply Go v3 (CMVP FIPS 140-3 certificate #5040) with PQC algorithms.  This enables organizations to achieve quantum resistance today while maintaining FIPS compliance.

CryptoComply Entropy Provider
CryptoComply Go v4.0 can optionally use SafeLogic’s new ESV-certified entropy source (Entropy Certificate #E241). NIAP is already requiring ESV-certified entropy sources for new Common Criteria submissions that employ cryptography. NIST will require an ESV-certified entropy source for new FIPS 140-3 submissions January 1, 2026.

About CryptoComply Go
CryptoComply Go is SafeLogic’s FIPS 140-3 validated cryptographic module designed specifically for Golang applications. It offers developers a Go Crypto compatible, drop-in solution that meets strict compliance requirements without sacrificing development speed or product performance. CryptoComply Go delivers strong encryption, secure key management, data integrity, and secure communications—empowering Go applications to meet FIPS 140-3 standards without the hassle of in-house development and validation.

Availability and Support
CryptoComply Go v4.0 for Windows, MacOS, and Linux are available today from SafeLogic upon request. All are fully supported by SafeLogic’s proven, enterprise-class, commercial-grade product support team.

For More Information
For more information on this new version, contact your existing SafeLogic representative or email sales@safelogic.com.