The Supply Chain Is the New Attack Surface
Modern software is not built in isolation. Every production deployment relies on hundreds—often thousands—of dependencies, third-party libraries, vendor-managed services, and CI/CD tools that form a deeply interconnected supply chain. Attackers have recognized that compromising a single node in this chain can cascade downstream to thousands of organizations simultaneously. The results have been catastrophic.
The SolarWinds attack (2020) injected a backdoor into the Orion build process, compromising over 18,000 organizations including U.S. federal agencies. Codecov (2021) saw attackers modify a Bash uploader script to exfiltrate CI/CD environment variables—credentials, tokens, and signing keys—from thousands of repositories for two months before detection. The Log4j vulnerability (2021) demonstrated how a single transitive dependency buried deep in a dependency tree could expose virtually every Java-based system on the internet. Each of these incidents shares a common root cause: the inability to cryptographically verify the identity and integrity of every component in the pipeline.
Identity Verification Across the Supply Chain
Securing a software supply chain begins with establishing cryptographic identity for every participant: developers, build systems, third-party vendors, and even the hardware running the pipeline. Without verified identity, any attestation or signature is meaningless—an attacker who compromises a signing key can forge anything.
The Identity Stack
A robust supply chain identity framework must address three layers:
- Developer identity: Verified via hardware-bound keys (e.g., YubiKey, TPM-backed credentials). Every commit and code review is tied to a cryptographically attested human identity, not just a username/password pair.
- Build system identity: CI/CD runners must prove their own integrity before signing artifacts. This means attestation of the build environment itself—OS version, compiler toolchain, and dependency graph—anchored to a hardware root of trust.
- Vendor and dependency identity: Third-party libraries and services must provide verifiable provenance. Who published the package? Has the artifact been tampered with since signing? Does the SBOM match the actual binary contents?
Digital Attestation: Proving Provenance at Every Handoff
An attestation is a signed statement binding an identity to a claim about an artifact. In a supply chain context, attestations form a chain: the developer attests to the source code, the build system attests to the compilation, the scanner attests to the vulnerability check, and the deployer attests to the runtime environment. If any link in this chain is missing or forged, the entire pipeline is suspect.
| Handoff Point | Attestation | What It Proves |
|---|---|---|
| Source commit | Signed commit (GPG/Dilithium) | Author identity + code integrity |
| Build output | SLSA provenance | Build environment + reproducibility |
| Dependency resolution | SBOM signature | Complete dependency graph is authentic |
| Security scan | Scanner attestation | No known CVEs at build time |
| Deployment | Runtime attestation | Artifact matches build output hash |
Code Signing and SBOM Authentication
Code signing binds an identity to a binary artifact, ensuring that what runs in production is exactly what was reviewed and approved. But signing alone is not enough. A signed artifact with an unverified dependency tree is a locked front door with open windows.
This is where the Software Bill of Materials (SBOM) becomes critical. An SBOM is a machine-readable inventory of every component in a software artifact—direct dependencies, transitive dependencies, compiler flags, and build metadata. When the SBOM itself is cryptographically signed and chained to the build attestation, consumers can independently verify that every component in the final artifact was intentionally included, has known provenance, and has not been silently swapped.
Post-Quantum Signatures for Supply Chain Attestations
Every attestation in the chain above is only as durable as the signature scheme protecting it. Today, most code signing relies on RSA-2048 or ECDSA—algorithms that a sufficiently powerful quantum computer could break using Shor's algorithm. The threat is not hypothetical: adversaries are already executing harvest-now, decrypt-later strategies, collecting signed artifacts and attestations today for future forgery once quantum hardware matures. Financial institutions and regulated industries are particularly vulnerable to this threat.
For supply chain attestations, this means an attacker could retroactively forge a build provenance record, inject a malicious dependency into an SBOM, and produce a valid-looking signature chain—all without ever touching the original build system. The only defense is to sign attestations with algorithms that resist quantum attack now.
Why Dilithium (ML-DSA)?
CRYSTALS-Dilithium (standardized as ML-DSA in FIPS 204) is the NIST-selected post-quantum signature algorithm based on the Module Learning With Errors (MLWE) problem. It offers:
- Quantum resistance: No known quantum algorithm solves MLWE in sub-exponential time.
- Fast verification: ~244 µs for sign + verify, making it practical for high-throughput attestation chains.
- Compact signatures: 2,420 bytes at security level 2—small enough to embed in container image manifests and SBOM headers without bloat.
- Deterministic signing: Eliminates nonce-reuse vulnerabilities that have plagued ECDSA deployments.
H33's Dilithium-Signed Attestation Chain
H33 implements a fully post-quantum attestation chain where every component in the authentication pipeline is cryptographically verified using Dilithium signatures. This is not a theoretical framework—it runs in production at 1.595 million authentications per second.
The architecture works as follows: when a 32-user batch is processed through the FHE engine, the resulting ciphertext operations produce an intermediate result. Before that result is accepted, a Dilithium-signed attestation binds the batch identifier, the FHE parameters, the ZKP cache lookup result, and a SHA3-256 digest of the computation into a single signed statement. This attestation takes approximately 244 µs for the entire batch—roughly 7.6 µs per user.
// H33 attestation chain (simplified)
let digest = sha3_256(&[
&batch_id,
&fhe_params.to_bytes(),
&zkp_result.proof_hash,
&ciphertext_digest,
]);
let attestation = dilithium_sign(&signing_key, &digest);
// Verify at every downstream consumer
assert!(dilithium_verify(&public_key, &digest, &attestation));Because each attestation is Dilithium-signed, a quantum adversary cannot forge provenance records even if they intercept the full attestation chain. The chain is tamper-evident across its entire lifetime—not just until quantum computers arrive.
Zero-Knowledge Proofs for Vendor Compliance
Supply chain security often requires vendors to prove compliance with security policies—vulnerability scanning, code review coverage, access control audits—without exposing proprietary source code or internal infrastructure details. This is a natural fit for zero-knowledge proofs (ZKPs).
With ZKPs, a vendor can generate a proof that their build pipeline meets a specific policy (e.g., "all dependencies were scanned with a tool at version ≥ X and zero critical CVEs were found") without revealing the dependency list, the scanner output, or the source code. The verifier—typically the downstream consumer or an auditor—checks the proof in constant time and learns nothing beyond the boolean compliance result.
Practical applications
- Compliance attestation: Prove SOC 2 or FedRAMP control satisfaction without sharing audit reports.
- Dependency privacy: Prove your SBOM contains no components from embargoed origins without disclosing the full SBOM.
- Build integrity: Prove a binary was built from reviewed source without exposing the source itself.
H33's ZKP verification layer uses STARK-based lookups with in-process DashMap caching, achieving 0.085 µs per proof verification. This makes it feasible to embed ZKP compliance checks directly into CI/CD gates without measurable pipeline slowdown.
Implementation Architecture: Getting Started
Deploying post-quantum supply chain identity does not require rearchitecting your entire pipeline overnight. A practical rollout follows three phases:
Phase 1: Instrument and Observe
Add attestation generation at existing handoff points (commit, build, scan, deploy) using your current signature scheme. Capture SBOMs for all builds. This creates the data foundation without changing any verification logic.
Phase 2: Hybrid Signing
Introduce Dilithium co-signatures alongside your existing ECDSA or RSA signatures. Consumers that support post-quantum verification check both; legacy consumers ignore the Dilithium signature. This is a zero-disruption upgrade path.
Phase 3: Full Post-Quantum Policy Enforcement
Once all pipeline participants support Dilithium verification, enforce a policy that rejects any artifact missing a valid post-quantum attestation. At this stage, you can also introduce ZKP-based vendor compliance gates.
// Phase 2: Hybrid attestation header
{
"attestation_version": "2.0",
"digest_alg": "SHA3-256",
"signatures": {
"ecdsa_p256": "MEUCIQDx...",
"dilithium_level2": "B7kF3a..."
},
"sbom_ref": "sha3:9f86d081884c..."
}Ready to Go Quantum-Secure?
Start protecting your users with post-quantum authentication today. 1,000 free auths, no credit card required.
Get Free API Key →