Broadcom Ships First PQC-Safe Network Encryption as Quantum Threat Forces Enterprise Migration

Overview

Broadcom announced on March 19 that it is shipping the industry’s first end-to-end post-quantum cryptography-safe in-flight network encryption solution, built on its Emulex SecureHBA adapters and integrated into Everpure’s FlashArray storage platform. More than 120,000 SecureHBA units have shipped on OEM server platforms over the past year, making this the first large-scale deployment of hardware-based PQC encryption for data-in-flight across enterprise storage networks.

The announcement lands as NIST pushes organizations toward an aggressive migration timeline that will deprecate RSA-2048 and ECC-256 by 2030 and ban them entirely by 2035, while the NSA’s CNSA 2.0 framework requires all new National Security System acquisitions to be quantum-resistant by January 2027. Broadcom’s product is among the first commercial offerings to meet these emerging mandates.

What the Solution Does

The Emulex SecureHBA encrypts all in-flight data traversing Fibre Channel storage area networks, the high-speed interconnects that link application servers to enterprise storage arrays. Unlike software-based IPsec encryption over Ethernet, which imposes measurable CPU overhead on both hosts and storage controllers, Broadcom’s approach offloads encryption entirely to dedicated hardware on the adapter card.

According to independent testing by StorageReview, enabling end-to-end encryption on the Everpure FlashArray//XL130 R5 with Emulex SecureHBAs introduced no measurable performance penalty and zero CPU overhead on either the host server or the storage array. Encryption is negotiated automatically during the standard Fibre Channel login process, requiring no switch reconfiguration, no external key managers, and no changes to the underlying fabric.

The cryptographic stack uses AES-GCM-256 for bulk data encryption, with key negotiation handled by ML-DSA-87 and ML-KEM-1024, the lattice-based algorithms at the core of NIST’s post-quantum standards. An LMS-based Silicon Root of Trust anchors the hardware identity chain, and the system supports SPDM 1.4 for secure device authentication. These algorithms are drawn from NIST’s FIPS 203 and FIPS 204 standards, finalized in August 2024.

“As enterprise customers recognize that HNDL attacks present an ever-increasing threat, closing an infrastructure’s security vulnerabilities becomes a corporate imperative,” said Jeff Hoogenboom, vice president and general manager of Broadcom’s Emulex Connectivity Division, in the press release. “Extending an enterprise’s Encrypt Everything policy from today’s data-at-rest encryption to include PQC-safe in-flight network encryption is the next obvious step for securing mission critical data.”

Why It Matters Now

The urgency behind PQC migration stems from the “harvest now, decrypt later” threat model. State-sponsored actors are widely believed to be intercepting and storing encrypted network traffic today, with the expectation that future quantum computers capable of running Shor’s algorithm will render current public-key cryptography obsolete. Data that must remain confidential for decades, including government communications, financial records, healthcare data, and intellectual property, is already at risk under this model.

NIST’s transition roadmap, outlined in draft report IR 8547, establishes concrete deadlines. RSA, ECDSA, EdDSA, Diffie-Hellman, and ECDH will be deprecated by 2030 and completely disallowed by 2035. The NSA’s parallel CNSA 2.0 framework imposes even tighter timelines for national security systems: all new acquisitions must be compliant by January 1, 2027, and full migration across all system types is required by 2033.

For enterprises outside the national security domain, regulatory pressure is building from multiple directions. The EU’s NIS2 directive and the Digital Operational Resilience Act (DORA) both impose data protection requirements that increasingly point toward quantum-resistant encryption. Broadcom’s Emulex SAN Manager 3.0, announced alongside the SecureHBA, specifically addresses NIS2 and DORA compliance by enabling administrators to identify and manage encrypted ports across entire Fibre Channel environments and generate compliance reports.

The Fibre Channel Gap

Broadcom’s focus on Fibre Channel is strategically significant. While much of the post-quantum migration discussion has centered on TLS for web traffic and VPN tunnels, enterprise storage networks have received comparatively little attention. Fibre Channel remains the dominant interconnect for mission-critical storage in financial services, healthcare, government, and large-scale enterprise data centers, precisely the environments where long-lived sensitive data is most vulnerable to harvest-now-decrypt-later attacks.

The INCITS FC-SP-3 standard, which governs autonomous in-flight encryption for Fibre Channel, provides the protocol foundation for Broadcom’s approach. Everpure’s decision to embed SecureHBAs directly into its FlashArray product line means that encryption can be enabled without deploying separate hardware, reducing the operational burden that has historically slowed encryption adoption in storage environments.

Shawn Hansen, vice president and general manager at Everpure, described the integration as reflecting the reality that “robust data encryption is table stakes” for enterprise storage, according to the announcement. Broadcom has also indicated plans to extend PQC support to VMware vSAN and Microsoft Azure Local environments.

A Fragmenting Standards Landscape

Broadcom’s product aligns with NIST’s ML-KEM and ML-DSA algorithms, but the global PQC standards landscape is fracturing. China announced in its latest five-year plan that it is developing its own post-quantum cryptography standards rather than adopting NIST’s algorithms, citing concerns over potential backdoors in U.S.-developed standards. Beijing’s initiative invites worldwide proposals for alternative algorithms and aims to produce Chinese national standards within three years.

The divergence raises the prospect of a bifurcated cryptographic ecosystem in which enterprises operating across geopolitical boundaries must support multiple incompatible algorithm suites, a complexity that could slow adoption and create interoperability gaps at precisely the moment when speed is essential.

NIST itself continues to diversify its approved algorithm portfolio. HQC, a code-based key encapsulation mechanism, was selected for standardization in March 2025 as a backup to the lattice-based ML-KEM, reflecting concern that a breakthrough in lattice cryptanalysis could undermine the entire primary standard suite. The final HQC standard, expected as FIPS 207, has not yet been published.

What Comes Next

Broadcom’s 120,000-unit shipment establishes a beachhead, but it represents a fraction of the global Fibre Channel installed base. The broader enterprise migration will depend on whether competing storage and networking vendors follow with their own PQC-safe offerings, and whether enterprises treat the NIST and CNSA 2.0 timelines as aspirational or binding.

The January 2027 CNSA 2.0 acquisition deadline for national security systems is less than ten months away. For defense contractors and government integrators, the window to certify and deploy compliant hardware is narrowing rapidly. For commercial enterprises, the 2030 deprecation deadline provides more runway, but the cryptographic migration itself, encompassing hardware upgrades, firmware updates, key management infrastructure, and compliance documentation, is measured in years, not months.

Broadcom’s announcement demonstrates that the hardware to support PQC-safe operations at line speed, without performance penalties, now exists. The remaining question is whether organizations will deploy it before the quantum threat materializes or after.