THALES BLOG

How to Become Quantum-Ready Today: Luna HSM v7.9 Delivers Real-World PQC, Validated by Thales PKI Technology Partners

July 29, 2025

Blair Canavan Blair Canavan | Director, Alliances – PQC Portfolio, Thales More About This Author >

Quantum computing is no longer a distant possibility; it is an emerging reality. With the increasing risk of Harvest-Now, Decrypt-Later (HNDL) attacks, the cryptographic landscape is on the brink of its most significant transformation in recent history. Quantum threats could potentially render current encryption methods obsolete, and organizations must take proactive measures to protect their data in preparation for a post-quantum future.

With the release of Luna HSM firmware v7.9, Thales delivers precisely what the industry needs to prepare: production-ready, NIST-approved post-quantum cryptography (PQC), that’s been tested across real-world environments and validated by an expansive Thales Luna HSM Technology Partner Ecosystem.

A Major Step Forward in PQC Integration

Unlike theoretical or experimental approaches, Luna HSM v7.9 offers native support for:

  • ML-KEM (FIPS 203) and ML-DSA (FIPS 204) — fully integrated into firmware, eliminating the need for external functionality modules.
  • Hybrid PQC encryption for secure key synchronization, backup, and restore.
  • Post-quantum protection for TLS/SSL, key exchange, IoT, code signing, and database encryption, addressing vulnerabilities related to HNDL attacks.

These capabilities enable organizations to future-proof and enhance their cryptographic infrastructure without compromising performance, functionality, standards compliance, or integration flexibility. For organizations planning their PQC transition, this release offers a production-ready, standards-based, and certified solution, with FIPS 140-3 Level 3 validation in progress – a critical step beyond experimental implementation.

Partner-Driven Confidence: Validated in Real-World Environments

We thank our Thales Luna HSM technology partners and select customers for their valuable contributions in testing and validating this firmware across PKI platforms and applications, confirming its readiness for real-world HSM use cases. Thales collaborated closely with leading technology partners to validate PQC capabilities in PKI and key management environments. This testing confirms operational readiness across diverse use cases and platforms. Here’s what our partners have said:

AscertiaWith the release of Luna HSM v7.9 featuring NIST-approved algorithms embedded in firmware, Thales continues to set the standard for cryptographic security. Ascertia and Thales continue to work side by side on the ever-evolving PQC capabilities of products while industry standards continue to add PQC support for PKI, and digital signing solutions that our customers can rely on today and into the future.

DigiCertTested quantum-safe certificate issuance, PKI and lifecycle management across TLS ecosystems. The latest version of Luna builds on DigiCert’s long-standing partnership and shared mission with Thales to future-proof digital trust. By enabling quantum-resistant protection today and supporting a smooth transition as NIST standards evolve, we’re helping customers strengthen defenses and prepare for the quantum era.

EVERTRUST — We are committed to empowering organizations with sovereign control over their cryptographic keys and digital certificates, cornerstones of online security and digital trust in a post‑quantum era. After thoroughly testing Luna HSM v7.9, we’re proud to partner with Thales to deliver a robust, sovereign‑ready solution with native PQC algorithms, helping customers confidently and independently transition to quantum‑safe cryptography.

Garantir— Luna HSM v7.9 perfectly aligns with Garantir’s focus on security, compliance, and ease-of-use. Garantir’s cryptographic services such as CLM, PKI, and code signing will all benefit from Luna HSM’s native PQC support.

KeyfactorAt Keyfactor, we’re committed to providing the tools and capabilities needed to establish and maintain digital trust in a post-quantum world. This is why we’re proud to partner with Thales and support Luna HSMs with native PQC algorithms to aid in the transition to quantum-safe cryptography.

“With Luna HSM v7.9, we’re not just embedding NIST-standardized PQC algorithms into our HSMs – we’re already taking it into production with the backing of a global partner ecosystem,” said Blair Canavan, Director of Alliances - PKI and PQC Portfolio of Partners at Thales. “Our Thales Accelerate Technology Partners have validated this release across diverse PKI platforms and use cases, giving customers a tested and trusted path to PQC adoption.”

Start Your Quantum-Safe Journey with Confidence

Luna HSM v7.9 delivers a proactive defense: standards-based, quantum-safe cryptography built directly into the firmware, validated by a trusted ecosystem of partners. With the broadest partner ecosystem on the market, Luna HSM supports customers on their post-quantum cryptography (PQC) journey, providing a seamless path to quantum readiness—without compromise, without complexity.

Quantum partner ecosystem

This isn’t a theoretical roadmap. It’s a production-ready solution already validated across HSM use cases. Quantum threats are real, inevitable, and already shaping cybersecurity strategies worldwide. Luna HSM v7.9 is ready NOW to help you defend against them—so you can focus on protecting what matters most. Learn more about Luna HSM v7.9, Thales PQC-Ready solutions, and our Thales Technology Partners.