SignQuantum partnership

Crowe in Portugal is now the Go‑To‑Market Partner of SignQuantum, a post‑quantum business‑trust and business‑continuity solution designed to mitigate document‑integrity risks associated with quantum computing.

It protects organizations by securing the most vulnerable point - the integrity and authenticity of digitally signed documents. This approach ensures both immediate and long‑term protection for critical business information. SignQuantum uses a NIST‑recommended standard: a digital signature scheme based on the post‑quantum CRYSTALS‑DILITHIUM algorithm to safeguard documents.

How Quantum Computing Undermines Digital Trust
Although many CTOs and CISOs underestimate this threat, the argument that quantum computers cannot yet break current digital‑signature standards does not make the consequences any less severe. Experts have already confirmed that quantum computers will be capable of breaking them in the near future. This represents a major ongoing risk, known as the “harvest now, decrypt later” scenario, where a sophisticated attacker can acquire legally binding documents now and later modify their contents - making them appear legally enforceable.

Immediate and Long‑Term Protection
The “harvest now, decrypt later” scenario is especially concerning for highly sensitive data with long‑term criticality, such as military plans, government records, or medical and financial information. For example, digitally signed contracts executed today - or in the coming years - may have their authenticity challenged in the future if compromised. Tampering with digital signatures can threaten everything from interbank payments to credit‑card transactions and trust in certificate authorities.

Regulatory Roadmap

• NIST published its post‑quantum cryptography (PQC) standards in August 2024.
• The White House issued an Executive Order in June 2025 directing federal agencies to migrate to quantum‑resistant encryption by 2027.
• The European Union released a common transition roadmap for PQC in June 2025, defining migration targets for 2026 and 2030.
• The U.S. Federal Reserve warned in September 2025 that the “harvest now, decrypt later” threat is already a reality and poses an ongoing danger to data privacy across all systems relying on traditional cryptography.

"Delaying the transition to post‑quantum cryptography not only increases the risk of a security breach but can also double the cost of that transition."  Source: BCG (2025)

Digitally Signed Documents Are Vulnerable Today
Modifying critical documents using quantum computers can lead to severe financial and reputational risks. Particularly sensitive examples include credit agreements, bank statements, and insurance documentation.

Industries must prepare for post‑quantum cryptography based on data shelf life and system lifecycles. The sectors most affected will be insurance, banking, and the public sector, as documents such as credit contracts, insurance policies, and critical personal data often retain relevance for decades, while core system lifecycles are long. This means documents collected today may remain valuable - and subject to compromise or forgery - decades from now. Companies, especially in the BFSI sector, must counter the “harvest now, decrypt later” threat with “prepare now, reduce costs later” strategies.

Fully Automated, No Changes to Your Workflow
SignQuantum integrates with leading electronic‑signature platforms (e.g., DocuSign, Signaturit, Dropbox Sign, PandaDoc, Adobe Sign, Ascertia’s SigningHub) and can be customized for any digital‑signature provider.

Solving Tomorrow’s Quantum Problem Today
SignQuantum automatically signs documents using current industry‑standard algorithms and a secondary post‑quantum signature, leveraging the NIST‑recommended post‑quantum algorithm.

Neutralizing the “Time Travel” Attack
The document’s original hash is recorded using immutable, quantum‑resistant blockchain technology, making timestamp manipulation mathematically impossible.

Secure Proofs Against Quantum Attacks, Within Reach
Document hashes and timestamps can be verified at any time on the self‑hosted, quantum‑resistant QAN Enterprise blockchain. Document contents remain accessible through the solution’s self‑hosted database.

Designed for Enterprise Needs, With Flexibility
SignQuantum and the QAN Enterprise blockchain run on your own servers, deployed via Kubernetes, Docker Swarm, or Virtual Machines (VMs).

All‑Included
Essential components such as storage (S3), databases, email services, and logging tools are included in SignQuantum but can easily be replaced with your existing solutions to fit your requirements.