+44 (0)1753 732000 
Article, Blog
Quantum-Safe Cyber Security with IBM Power11
Quantum Computing brings with it a new set of rules for data protection. The established cryptographic standards that have served the digital world reliably are set to be superseded by a new generation of technology designed for the quantum age. This is not a moment for concern, but one of opportunity. It is a chance for forward-thinking organisations to elevate their security posture and build a truly future-proof enterprise.
IBM Power11 is engineered precisely for this moment. It represents the next logical step in the evolution of the Power platform, providing a direct path to implement next-generation, quantum-safe security. For organisations currently leveraging the robust capabilities of Power7, Power8, and Power9 systems, the upgrade to Power11 is a strategic opportunity to lead from the front, particularly by enhancing the core integrity of the platform through quantum-safe Secure Boot and Logical Partition Migration (LPM).
The Next Frontier in Cryptography: Preparing for Cyber Security in Quantum Computing
The progression of technology is a constant. Just as cloud computing and AI have reshaped the business landscape, quantum computing is poised to unlock unprecedented capabilities in fields like medical research, financial modelling, and materials science. A key characteristic of this new technology is its ability to solve certain complex mathematical problems exponentially faster than any classical computer ever could.
This capability has a direct implication for cryptography. Today’s public-key encryption, which protects data across the globe, is built on mathematical problems that are currently intractable for classical computers. Quantum computers, however, will be able to solve them with relative ease.
Recognising this long-term technological trajectory, strategic planners are now considering the lifecycle of their data. For information that must remain confidential for decades – such as sensitive intellectual property, government archives, medical records, or foundational financial data – a new approach to protection is required. The concept of “harvest now, decrypt later” (HNDL) describes a scenario where encrypted data could be captured today and stored until a time in the future when the technology exists to decrypt it.
For organisations with a long-term view, the emergence of quantum computing is a clear signal to begin planning the next evolution of their security infrastructure. The goal is to ensure that data protected today remains secure for its entire lifespan, regardless of future technological advancements.
Take a look at the IBM Roadmap for Quantum-Safe Computing.
The Proactive Solution: NIST and the New Standard of Trust
The global technology community has been working proactively for years to prepare for this new frontier. The U.S. National Institute of Standards and Technology (NIST) has led a landmark collaborative project to develop and standardise a new suite of cryptographic algorithms that are resistant to attacks from both classical and quantum computers.
This multi-year effort culminated in the selection of a portfolio of new algorithms, representing the future gold standard for digital security. Among the first to be standardised were CRYSTALS-Kyber for establishing secure communication channels and CRYSTALS-Dilithium for creating robust digital signatures.
- CRYSTALS-Kyber (now ML-KEM): This algorithm enables two parties to agree on a shared encryption key securely, forming the foundation for protecting data in transit. Its design is resistant to the code-breaking abilities of future quantum computers.
- CRYSTALS-Dilithium (now ML-DSA): This algorithm provides a method for verifying that data or software is authentic and has not been altered. It ensures trust and integrity in digital communications and software supply chains.
The finalisation of these standards provides a clear and stable roadmap for the technology industry. It allows vendors like IBM to build the next generation of hardware and software on a foundation of quantum-safe principles. For customers, it means that the tools to build a quantum-safe enterprise are now becoming available, and Power11 is at the forefront of this implementation.
Download the IBM report: ‘Security in the Quantum Computing era’.
Innovating at the Core: Power11’s Quantum-Safe Secure Boot
The security of a system is only as strong as its foundation. The Secure Boot process is a cornerstone of modern infrastructure security, designed to ensure that a server boots using only authentic and unmodified code. From the moment of power-on, it creates a “chain of trust,” where the system’s firmware validates the digital signature of the hypervisor, which in turn validates the operating system. This ensures the entire software stack is legitimate before any application code is run.
On all modern servers, including Power7, Power8, and Power9 systems, this process uses industry-standard digital signatures based on classical cryptography like RSA. This has provided a robust and reliable method of verification for many years.
IBM Power11 takes this fundamental security process to the next level by integrating the new NIST-standard quantum-safe algorithms. By employing a quantum-resistant algorithm like CRYSTALS-Dilithium for all firmware and operating system signatures, Power11 offers a new, higher level of assurance.
This is what that enhanced process provides:
- Future-Proof Signatures:
All critical boot-level components – the firmware, PowerVM hypervisor, and supported operating systems (AIX, IBM i, Linux) – are authenticated using digital signatures that are designed to resist attack by quantum computers. - An Enhanced Chain of Trust:
The process begins with an immutable hardware root of trust within the Power11 processor itself. This anchor verifies the first piece of code using quantum-safe algorithms, establishing an unbreakable foundation for the rest of the boot sequence. - Advanced Integrity Verification:
This enhancement ensures the integrity of your systems against the most advanced future threats. It provides peace of mind that your servers are running exactly the code they are intended to, with a level of verification designed for the next decade and beyond.
With Power11, the very act of starting a server is an exercise in next-generation security. It allows you to build your enterprise on a foundation that is not just secure for today, but engineered to be secure for tomorrow.
Quantum computing will profoundly alter how we think of computing and, critically, how we secure our digitalĀ economy through encryption.
Next-Generation Agility: Quantum-Safe Logical Partition Migration (LPM)
Logical Partition Migration (LPM) is one of the signature features of the IBM Power platform, valued by administrators for the incredible operational flexibility it provides. The ability to move a live, running workload from one physical server to another with zero downtime is a game-changer for performing system maintenance, balancing resources, and implementing disaster recovery plans.
During an LPM event, the entire state of a running virtual machine – its active memory, CPU state, and I/O connections – is securely transmitted across a network to a destination server. The security of this data in transit is paramount. On existing Power systems, this process is protected by well-established industry-standard encryption protocols.
IBM Power11 elevates the security of this crucial feature to meet the demands of the quantum era. By integrating the new quantum-safe cryptographic standards, Power11 ensures that the confidentiality and integrity of your live workloads are protected at a higher level during migration.
The benefits of quantum-safe LPM on Power11 are clear:
- Enhanced Confidentiality:
The secure channel for the migration is established using a quantum-resistant algorithm like CRYSTALS-Kyber. This ensures the encryption keys protecting your in-flight data are secure against any future cryptanalytic attacks. - Superior Integrity:
The stream of data representing the migrating LPAR is digitally signed using a quantum-safe algorithm like CRYSTALS-Dilithium. This guarantees that the workload reconstituted on the destination server is a perfect, untampered replica of the original. - Proactive Security:
It allows your organisation to continue using this powerful flexibility tool with the confidence that the process is protected by the most advanced security standards available.
Upgrading to Power11 means you can continue to leverage the operational agility of LPM, while simultaneously raising the bar for the security of your most critical and active business applications.
Widespread data encryption mechanisms, such as public-key cryptography (PKC), could become vulnerable.
The Power11 Advantage: A Strategic Leap Forward
Choosing to migrate to IBM Power11 is a strategic decision to embrace innovation and position your organisation for the future. For businesses currently running on Power7, Power8, or Power9, the move offers a wealth of advantages, with quantum-safe security being a leading component of a much broader story of advancement.
For Power7 and Power8 Users:
The move from a Power7 or Power8 environment to Power11 represents a transformational leap in capability. It is an opportunity to modernise your infrastructure, streamline operations, and unlock significant new value. Key advantages include:
- A Quantum Leap in Performance and Efficiency:
The performance-per-core advancement in Power11 will enable massive consolidation of older systems. This translates directly into lower software licensing costs, reduced energy consumption and cooling requirements, and a smaller data centre footprint. - Access to Modern Technology:
Gain the benefits of years of innovation, including faster I/O with PCIe Gen5, more advanced memory systems, and full support for the latest versions of AIX, IBM i, and Linux. - A Foundation for Innovation:
Power11 is designed for modern workloads, including AI and data analytics, providing a platform that can grow with your business for years to come.
For Power9 Users:
The Power9 platform is a powerful and reliable workhorse for many enterprises. The motivation to move to Power11 is about proactively embracing the next generation of technology and gaining a strategic edge. While your Power9 systems are secure by today’s standards, Power11 offers the opportunity to get ahead of the technological curve. By migrating to Power11, you are:
- Adopting a Leadership Security Posture:
Being an early adopter of quantum-safe technology demonstrates a commitment to security innovation and provides the highest level of assurance for your company’s and your customers’ data. - Future-Proofing Your Infrastructure:
The transition to quantum-safe standards across the enterprise will be a multi-year journey. Starting now with Power11 puts you in a commanding position, allowing for a phased and managed rollout of new security protocols. - Unlocking New Performance Tiers:
Beyond security, Power11 will deliver the next wave of performance enhancements, allowing you to run your existing applications faster and providing the capacity to take on new, more demanding workloads.
Covenco: Your Partner in Quantum Safe Computing
Realising the full potential of a next-generation platform like Power11 requires a partner who combines deep technical knowledge with extensive real-world experience. As an IBM Gold Business Partner, Covenco has been at the forefront of the IBM Power platform for more than 35 years. Our expertise is built on a long history of helping clients navigate technological shifts and successfully adopt new innovations.
Organisations looking to migrate applications to the cloud and/or modernise applications on the cloud need to plan for quantum-safe cryptography and crypto-agility.
Our approach is collaborative and comprehensive, ensuring your transition to Power11 is seamless and delivers maximum value. The Covenco technical team will support you through every phase:
- Strategic Discovery and Planning:
We begin by understanding your current environment, your business objectives, and your future goals to design a Power11 solution that is a perfect fit. - Expert Solution Design:
Our certified pre-sales consultants will architect a Power11 landscape that optimises performance, security, and return on investment. - Seamless Migration:
Leveraging proven methodologies and tools like LPM, we ensure your critical workloads are migrated to the new platform with minimal disruption to your business operations. - Comprehensive Support:
Our commitment extends beyond the initial implementation. We offer a full range of services, including hardware maintenance and systems management, to ensure your Power11 environment continues to operate at its peak.
Partnering with Covenco means gaining an experienced guide to help you harness the full power of this new technology.
Seize the Quantum Safe Future with Confidence
The introduction of quantum-safe technology is not a challenge to be overcome, but an opportunity to be seized. It allows forward-thinking organisations to build a new level of trust and resilience into their digital infrastructure. IBM Power11 stands as the premier platform for taking this step, integrating next-generation cryptography at the most fundamental level of the hardware.
For organisations running on Power7, Power8, and Power9, the path forward is clear. The upgrade to Power11 is a strategic investment in the future of your enterprise. It is a decision to lead with innovation, to embrace a superior security posture, and to build on a platform designed for the challenges and opportunities of the coming decade.
By making this move with a deeply experienced partner like Covenco, you can navigate the transition with confidence and position your business for sustained success in the quantum era.
