Workshops Digital Media Quantum-Safe Archive Integrity

Digital Media Full Day Workshop

Quantum-Safe Archive Integrity for Long-Form Media and Cultural Heritage

A technical workshop for digital preservation specialists, broadcast archive managers, and cultural heritage technologists migrating long-term cryptographic integrity systems to post-quantum standards.

Full day (6 hours + Q&A)

In person or online

Max 30 delegates

Commission This Workshop View Agenda

Proud to recommend our expert members

Workshop Description

Digital archives with 50-100 year retention obligations face a unique quantum risk. The cryptographic signatures and timestamps that guarantee the integrity and provenance of archived content today rely on RSA and ECDSA. A cryptographically relevant quantum computer would allow an attacker to forge signatures retroactively, undermining the evidentiary value of entire collections. For broadcast archives, film preservation vaults, news agencies, and public sector cultural heritage institutions, this is not a future problem. Content archived today under classical signatures will be vulnerable within its intended retention period.

This workshop examines the specific cryptographic dependencies in digital preservation infrastructure: signature schemes used in Archival Information Packages (AIPs), cryptographic timestamping services, fixity checking mechanisms, and Submission/Dissemination Information Package integrity. We assess the NIST post-quantum signature standards (FIPS 204 ML-DSA, FIPS 205 SLH-DSA) and the stateful hash-based schemes (XMSS per RFC 8391, LMS per RFC 8554) for their suitability in long-term archival contexts. The OAIS reference model (ISO 14721) and PREMIS metadata framework provide the structural context. Participants leave with a migration plan for re-signing existing archives and implementing PQC-native integrity for new ingest workflows.

What participants cover

Hash-based signature schemes for archival integrity: XMSS (RFC 8391), LMS (RFC 8554), and SLH-DSA (FIPS 205) selection criteria for 50-100 year retention horizons
Cryptographic timestamping under PQC: migrating RFC 3161 timestamp authority infrastructure and re-stamping existing timestamp chains
OAIS reference model (ISO 14721) integration: mapping PQC signatures to AIP structure, fixity metadata, and Preservation Description Information
PREMIS metadata framework: recording cryptographic algorithm changes, re-signing events, and signature validity periods in preservation metadata
Re-signing strategy for existing archives: batch re-signing versus hash tree approaches for collections with millions of archived objects
Regulatory and standards landscape: ETSI TS 119 312 (cryptographic suites for electronic signatures), EU eIDAS trust services, and UK National Archives digital preservation requirements

Preliminary Agenda

Full-day session structure with scheduled breaks. Content is configurable to your archive management system, preservation workflows, and retention obligations.

#	Session	Topics
1	Archive Cryptographic Dependencies Where asymmetric cryptography sits in digital preservation
2	Hash-Based Signature Schemes for Long-Term Integrity XMSS, LMS, and SLH-DSA for archival contexts	Stateful hash-based signatures (XMSS RFC 8391, LMS RFC 8554): security guarantees, state management complexity, and maximum signature counts for archival workloads SLH-DSA (FIPS 205): stateless hash-based signatures eliminating state management risk, with trade-offs in signature size (~8-17 KB) and signing speed ML-DSA (FIPS 204) versus SLH-DSA for archive integrity: lattice-based speed advantage versus hash-based conservative security assumption for multi-decade retention
Break, after 50 min
3	Cryptographic Timestamping and OAIS Integration Re-stamping and preservation metadata under PQC	RFC 3161 timestamp authority migration: transitioning TSA signing keys to PQC algorithms and re-stamping existing timestamp chains without breaking validity OAIS reference model mapping: integrating PQC signatures into Archival Information Package structure, fixity checking, and Preservation Description Information PREMIS metadata: recording algorithm transitions, re-signing events, and maintaining cryptographic provenance chains across preservation system migrations
4	Re-Signing Strategies at Scale Migrating existing collections with millions of objects	Batch re-signing architecture: parallel signature generation, hash tree approaches, and incremental migration for collections exceeding 10 million objects Hybrid signature strategies during transition: dual classical+PQC signatures maintaining backward compatibility with existing verification infrastructure Fixity verification during migration: ensuring no integrity loss during the re-signing process and maintaining audit trails
Break, after 45 min
5	Regulatory and Standards Landscape ETSI, eIDAS, and national archive requirements	ETSI TS 119 312 (cryptographic suites for electronic signatures): PQC algorithm adoption timeline and transition requirements EU eIDAS trust services: qualified electronic signature and qualified timestamp requirements under PQC transition UK National Archives digital preservation policy and NIST SP 800-227 (PQC migration guidelines) applicability to cultural heritage
6	Migration Planning Workshop Building your archive PQC migration roadmap	Prioritisation framework: highest-risk collections first (legally significant, evidential, long-retention), then systematic migration of remaining holdings Vendor landscape: archive management system PQC readiness (Preservica, Archivematica, Rosetta) and timestamp authority PQC migration paths Budget and resource estimation for re-signing operations at your collection scale
7	Q&A and Migration Planning

Designed and Delivered By

Workshops are designed and delivered by QSECDEF in collaboration with sector specialists. All facilitators have direct experience in both quantum technologies and digital media systems.

QSECDEF brings world-leading expertise in post-quantum cryptography, quantum computing strategy, and defence-grade security assessment. Our advisory membership spans 600+ organisations and 1,200+ professionals working at the intersection of quantum technologies and critical infrastructure security.

Digital Media workshops are co-delivered with sector specialists who bring direct operational experience in digital preservation, broadcast archive management, and cultural heritage technology. This ensures workshop content is grounded in the retention, integrity, and provenance requirements specific to long-term archival operations.

Commission This Workshop

Sessions are configured around your archive management platform, preservation workflows, retention obligations, and collection scale. Get in touch to discuss requirements and schedule a date.

Digital Media Workshops All Consulting Services All Workshops