```
The foundational work required to defend future systems against quantum computing threats has reached a critical milestone within the Linux kernel. The integrity subsystem, a key component for verifying software and data authenticity, now includes support for the post-quantum digital signature algorithm ML-DSA, with the code merged for the upcoming Linux 7.2 release.
As reported by Phoronix on 19 May, the merge solidifies a proactive infrastructure update. The integration is not a response to an immediate cryptographic break but rather a vital first step in enabling a "cryptographic agility" across the ecosystem, allowing the broader Linux community to begin planning and testing transitions away from algorithms vulnerable to quantum computers.
ML-DSA (Module-Lattice-Based Digital Signature Algorithm) is one of the standardized algorithms recently approved by the U.S. National Institute of Standards and Technology (NIST) for post-quantum cryptography. Its integration into the Linux Integrity Measurement Architecture (IMA) and Extended Verification Module (EVM) provides the kernel-level capability to verify digital signatures using this quantum-resistant method.
This work addresses the long-term strategic threat known as "harvest now, decrypt later," where adversaries might store encrypted data today with the expectation of decrypting it once large-scale quantum computers become available. While full-scale quantum computers are not yet operational, the time required to transition complex, secure systems necessitates starting now.
The addition in Linux 7.2 is best understood as laying essential plumbing. IMA and EVM are mechanisms used to create a chain of trust, verifying that executable code and critical files have not been tampered with. By enabling these subsystems to use ML-DSA, the kernel provides a pathway for future Linux distributions and secure boot implementations to adopt quantum-safe integrity policies.
However, this kernel support is only the beginning. ML-DSA algorithms have significantly larger key sizes and different performance profiles compared to traditional cryptography like RSA or ECC. Their widespread adoption will depend on the maturation of hardware acceleration and optimizations across the software stack. System administrators and security architects will also need clear guidance on migration paths and performance implications.
For the global IT community, including developers and infrastructure professionals in Hong Kong, this merge represents a checkpoint in a long-term security evolution. It underscores the importance of monitoring cryptographic agility in software and hardware roadmaps. The transition to post-quantum standards will be a multi-year journey, and this update ensures the Linux kernel—a cornerstone of modern cloud and server infrastructure—is ready to support the first steps of that journey.
為未來系統防禦量子電腦威脅所需的基本工作,在 Linux 核心中已達至一個關鍵里程碑。完整性子系統作為驗證軟件與數據真實性的核心組件,現在已加入對後量子數碼簽章演算法 ML-DSA 的支持,相關代碼已併入即將推出的 Linux 7.2 版本。
正如 Phoronix 於 5 月 19 日報導,此次合併鞏固了一項具前瞻性的基礎設施更新。此整合並非對即時密碼學漏洞的回應,而是實現整個生態系統「密碼學敏捷性」的至關重要的第一步,讓更廣泛的 Linux 社群得以開始規劃並測試從易受量子電腦攻擊的演算法過渡。
ML-DSA(基於模格的數碼簽章演算法)是近期獲美國國家標準與技術研究院(NIST)批准用於後量子密碼學的標準化演算法之一。將其整合至 Linux 完整性測量架構(IMA)與擴展驗證模組(EVM),使核心層級具備了使用這種抗量子方法驗證數碼簽章的能力。
這項工作旨在解決一個名為「現時擷取,日後解密」的長期策略性威脅,即對手可能在今天儲存加密數據,期望在大規模量子電腦面世後將其解密。儘管全規模量子電腦尚未投入運作,但複雜安全系統所需的過渡時間意味著必須立即開始行動。
Linux 7.2 版本的此項新增,最好理解為鋪設基礎設施管線。IMA 和 EVM 是用於建立信任鏈、驗證可執行代碼和關鍵檔案未經篡改的機制。通過使這些子系統能使用 ML-DSA,核心為未來 Linux 發行版及安全啟動實現提供了採用量子安全完整性策略的途徑。
然而,此核心支持僅是個開始。相較於 RSA 或 ECC 等傳統密碼學,ML-DSA 演算法的密鑰尺寸顯著更大,且性能特徵不同。其廣泛採用將取決於硬件加速的成熟化以及整個軟件堆棧的優化。系統管理員和安全架構師亦需獲得關於遷移路徑及性能影響的明確指引。
對於包括香港開發者和基礎設施專業人員在內的全球 IT 社群而言,此次合併代表了長期安全演進中的一個檢查點。它凸顯了監察軟件和硬件路線圖中密碼學敏捷性的重要性。過渡至後量子標準將是一段歷時數年的旅程,此更新確保作為現代雲端與服務器基礎設施基石的 Linux 核心,已準備好支持這段旅程的起步階段。