• facebook
  • x
  • instagram
  • youtube
  1. Home>
  2. Publicity>
  3. Press Release>
  4. 2026>
  5. TOPPAN Holdings, NICT, and ISARA Establish Proof of Concept for Technology Enabling Seamless Migration to Post-Quantum Cryptography for Certificate Authorities
Print
日本語

TOPPAN Holdings, NICT, and ISARA Establish Proof of Concept for Technology Enabling Seamless Migration to Post-Quantum Cryptography for Certificate Authorities

Secondary root certificate maintains security of communications between servers and clients to facilitate a phased transition from current to quantum-safe cryptography
April 9, 2026

TOPPAN Holdings Inc.
National Institute of Information and Communications Technology
ISARA Corporation

Overview of PQC migration using the secondary root certificate
©TOPPAN Holdings Inc.
Tokyo - April 9, 2026 - TOPPAN Holdings Inc. (TYO: 7911) (TOPPAN Holdings), the National Institute of Information and Communications Technology (NICT), and ISARA Corporation (ISARA) have successfully conducted a proof of concept confirming the effectiveness of technology for seamless migration from current cryptography to Post-Quantum Cryptography (PQC) for certificate authority frameworks that from the base of the security infrastructure of internet communications.

The security of internet-based communications is supported by digital certificates that verify the identities of communicating entities and public-key infrastructure based on certificate authorities that issue and sign certificates. However, there is a risk that current public-key cryptosystems could be vulnerable to attacks from quantum computers in the future, necessitating a prompt migration to PQC. At the same time, the transition phase could see service disruptions or outages when new cryptographic algorithms are applied to root certificate authorities, which serve as the foundational trust anchors for security infrastructure.

ISARA has developed digital certificates issued via a secondary crypto-agile root certificate to facilitate migration from current cryptography such as ECDSA to PQC algorithms such as ML-DSA. In the proof of concept, this secondary root certificate was integrated into a smart card system developed by TOPPAN Holdings on a quantum cryptography network testbed constructed by NICT. The ability to transition smoothly to PQC without disruption to existing authentication infrastructure was demonstrated through simulation of a transitional phase ecosystem in which both current cryptography and PQC are used for smart-card-enabled ID verification and internet access. This will help enable a phased migration to security levels sufficient to counteract the threat of quantum computers without interrupting services in sectors such as healthcare, finance, and government, where confidentiality must be maintained for extended periods.

A part of the work was performed for Council for Science, Technology and Innovation (CSTI) Cross-ministerial Strategic Innovation Promotion Program (SIP), “Promoting Application of Advanced Quantum Technologies to Social Challenges” (Project management agency: QST). The details of the proof of concept will be presented at QUANTUM COMPUTING EXPO TOKYO [Spring], which will take place from April 15 through 17 at the Tokyo Big Sight exhibition center.

Background

The internet security ecosystem is built upon digital certificates that use public-key cryptography to verify the identities of communicating entities, certificate authorities—trusted third-party organizations that issue and validate the certificates, and certificate chains, all of which are verified. However, quantum computers may be able to crack the public-key cryptography that currently underpins this infrastructure. Preparations for migration to PQC are therefore underway globally, and the U.S. National Institute of Standards and Technology (NIST) has selected PQC algorithms such as ML-DSA and ML-KEM as part of its PQC standardization efforts. A prompt transition is essential in sectors such as finance, healthcare, and government, where sensitive information needs to be protected over the long term.

Considerable care is required when changing the cryptographic algorithms of root certificates because it can have a critical effect on the entire social infrastructure. Communication may not be successful if legacy devices that only support current cryptography algorithms cannot verify new PQC certificates. A simultaneous PQC upgrade of all usage environments is also not practically feasible, and service outages during the transition period must be avoided. This necessitates a secure and seamless migration to PQC, allowing legacy and PQC environments to co-exist at minimal cost while ensuring the continuation and interoperability of services.

TOPPAN, NICT, and ISARA have therefore verified the effectiveness of a secondary root certificate by applying it to a smart card system. This certificate allows hybrid certificates that also support PQC algorithms such as ML-DSA to be integrated into the certificate chain while maintaining compatibility with existing root certificates.

Overview of Proof of Concept

  • Period: October 2025 to March 2026 (including system development)
  • Location: Quantum cryptography network testbed node at TOPPAN
  • Details of verification: Smart card authentication infrastructure was established using ISARA’s secondary root certificate. Cryptographic communication protocol connections and mutual authentication between clients and servers were verified for three phases of the transition to PQC. Authentication using the PQC CARD® was performed via connection with a private authentication server installed on the testbed to enable authentication on a closed network. After successful authentication, connection was made to an application that facilitates secure communication via quantum cryptography. The PQC implemented is aligned with NIST-standardized algorithms, including ML-DSA.
    • Phase 1: Legacy environment (current cryptography only)
    Phase 2: Hybrid migration environment (hybrid of current cryptography and PQC)
    Phase 3: Full PQC environment
  • Results: Testing confirmed that security was maintained even during the migration process and that it is possible to transition smoothly from existing smart card systems to PQC environments without system disruption. In addition, integration with a quantum cryptography network enabled a multi-layered defense that combines quantum key distribution to prevent eavesdropping between data endpoints and PQC authentication to verify the identity of users.

Roles of the Three Organizations

TOPPAN Holdings: Development and provisioning of smart card system; participation in the quantum cryptography network testbed. 
NICT: Overall framework of the proof of concept; development and provisioning of the quantum cryptography network testbed.
ISARA: Development of secondary root certificate and provision of related technology.

Future Activities

Targeting full real-world implementation around 2030, TOPPAN Holdings, NICT, and ISARA plan to build on insights from the proof of concept by conducting limited practical implementations in sectors requiring high levels of security, such as healthcare and finance. 

Based on the process established for smooth migration, TOPPAN Holdings aims to support PQC transition for a broad spectrum of existing systems beyond smart cards, including online services and IoT devices. TOPPAN Holdings will also work with NICT and its collaborative partners on enhancements using the quantum cryptography network testbed’s PQC to strengthen quantum-secure cloud technology infrastructure and pursue real-world application. These efforts will be leveraged to target establishment of data infrastructure that ensures the secure communication, storage, and use of sensitive information in the future.

About the TOPPAN Group

Established in Tokyo in 1900, the TOPPAN Group is a leading and diversified global provider committed to delivering sustainable, integrated solutions in fields including printing, communications, security, packaging, décor materials, electronics, and digital transformation. The TOPPAN Group’s global team of more than 50,000 employees offers optimal solutions enabled by industry-leading expertise and technologies to address the diverse challenges of every business sector and society and contribute to the achievement of shared sustainability goals.

About National Institute of Information and Communications Technology (NICT)

The National Institute of Information and Communications Technology (NICT) is Japan’s sole National Research and Development Agency specializing in the field of information and communications technology and is charged with promoting the ICT sector as well as research and development in ICT, which drives economic growth and creates an affluent, safe and secure society.
For more information, visit https://www.nict.go.jp/en/

About ISARA Corporation

ISARA Corporation, the world’s leading provider of crypto-agile quantum-safe security solutions, leverages decades of real-world cybersecurity expertise to protect today’s computing ecosystems in the quantum age. With its partners, ISARA is clearing the path to quantum-safe security for enterprises and governments by delivering practical, standardized solutions for a seamless migration. Co-founded in 2015 by former BlackBerry security executives, ISARA’s team has since launched several first-of-its-kind solutions such as a quantum-safe cryptographic library, integration tools for developers, and agile technologies. With an emphasis on interoperability, ISARA proudly collaborates on international standards-setting efforts. 
For more information, visit www.isara.com or follow @ISARACorp on Twitter.

Glossary

Public key infrastructure A framework that centrally manages information encryption, digital signatures, and identity verification by using public-key cryptography technologies and digital certificates to enable secure communication over the internet. Back to contents

Secondary crypto-agile root certificate A hybrid root certificate that supports signing with both current cryptography and PQC. It facilitates a seamless transition without disrupting existing systems by establishing a PQC-based certificate chain while also maintaining full backward compatibility with current cryptography verification processes. Back to contents

ECDSA A digital signature algorithm based on ECC public-key techniques. It provides the same level of security as the RSA public-key cryptosystem but with roughly one tenth the key size. Back to contents

ML-DSA A PQC digital signature algorithm standardized by NIST as FIPS 204. It is based on CRYSTALS-Dilithium, a digital signature algorithm applying lattice problems that are difficult for quantum computers to solve. Back to contents

ML-KEM A PQC key exchange algorithm standardized by NIST as FIPS 203. It is based on CRYSTALS-Kyber, a key exchange algorithm applying lattice problems that are difficult for quantum computers to solve. Back to contents

PQC CARD® A smart card equipped with PQC
https://www.holdings.toppan.com/en/news/2022/10/newsrelease221024_1.html Back to contents

Contacts

Public Relations Division, TOPPAN Holdings

Press Office, Public Relations Department, NICT

ISARA Corporation