WD takes post-quantum cryptography to the enterprise hard drive

Western Digital has taken a bold step in a part of the infrastructure that often receives less attention than GPUs, AI accelerators, or high-speed networks: the hard drive. The company has announced the integration of post-quantum cryptography into its new high-capacity Ultrastar UltraSMR drives, with the Ultrastar DC HC6100 model as the first prominent example, and states that these units are already in the qualification phase with several hyperscale customers.

The significance lies in the fact that artificial intelligence requires not only computing power but also the ability to preserve vast amounts of data over years: training datasets, inference logs, interaction histories, vectors, backups, scientific repositories, industrial data, and archives that may retain value long after being generated. In this context, storage security ceases to be just a technical detail and becomes a strategic concern.

WD is not positioning post-quantum cryptography as an enhancement for data-at-rest encryption. The focus is on something more specific: protecting the device’s chain of trust, especially the integrity of the firmware, code signing, and key management throughout the disk’s lifecycle. This is an important distinction. The company is not claiming that these drives encrypt all content with new algorithms resistant to quantum computers; rather, it says they reinforce the mechanisms that ensure the firmware the disk runs is legitimate.

The risk of “harvest now, decrypt later”

The threat WD aims to anticipate is known as “harvest now, decrypt later”: collecting encrypted data or cryptographic material today and waiting for future quantum computers to break some current algorithms. This risk is particularly relevant for information with a long shelf life. Not all data needs to remain protected for 20 years, but some does: intellectual property, government information, health data, scientific research, financial records, industrial intelligence, or sensitive critical infrastructure information.

The concern isn’t that a large-scale quantum computer capable of breaking RSA or ECC already exists. The worry is that many deployed infrastructures today will remain operational for years, while stored data can be preserved for decades. Enterprise disks often stay in service through long cycles, undergoing manufacturing, deployment, firmware updates, maintenance, and eventual decommissioning. If the root of trust in the device relies on vulnerable cryptography, migration could be too late.

In 2024, NIST published the first finalized post-quantum standards, including FIPS 204, which defines ML-DSA, a lattice-based digital signature algorithm designed to resist attacks from adversaries with large-scale quantum computers. WD uses ML-DSA-87 for high-security code signing and combines it with RSA-3072 via a dual-signature approach, a hybrid strategy that allows the integration of post-quantum cryptography without abandoning widely deployed classical mechanisms all at once.

The choice of dual signing makes practical sense. In a real infrastructure, changing a single algorithm isn’t enough. There are manufacturing tools, update systems, HSMs, PKI, key rotation procedures, audits, internal validations, and compatibility with the existing fleet to consider. The post-quantum transition will be lengthy, and for years many organizations will operate with hybrid models where classical and post-quantum cryptography coexist.

| Element | What WD incorporates |
|---|---|
| Initial product | Ultrastar DC HC6100 UltraSMR |
| Protection scope | Device trust chain and firmware |
| Post-quantum algorithm | ML-DSA-87, defined in NIST FIPS 204 |
| Hybrid mechanism | Dual signature with ML-DSA-87 and RSA-3072 |
| Main focus | Firmware integrity and key management |
| Commercial status | Qualification with multiple hyperscale customers |

Firmware security becomes critical

The mention of firmware is no small matter. In a modern data center, each hard drive is a small computer with its own code, internal controllers, management logic, updates, and security mechanisms. If an attacker manages to make a device accept malicious firmware as legitimate, they can compromise a very deep layer of the infrastructure.

The risk grows even more in the context of future quantum threats. A capable adversary could attempt to spoof digital signatures to pass off a manipulated firmware update as authentic. While not the only scenario, it’s among the most worrying because it affects the root of trust. Once the firmware’s trustworthiness is broken, upper security layers lose much of their effectiveness.

WD states that its implementation aims to protect the trust chain from manufacturing through field service. This includes PKI infrastructure prepared for post-quantum cryptography, hardware security modules, and key lifecycle management processes. Simply put: it’s not just about deploying a new algorithm on the disk but also about adapting the systems that sign, verify, distribute, and maintain the device’s software.

For hyperscalers, this approach has a clear implication. A cloud provider operates millions of storage units. Any security change must be deployable without disrupting operations, introducing incompatibilities, or halting maintenance cycles. Operational compatibility and rollback safeguards are nearly as important as the cryptographic algorithm itself.

AI, cold data, and long-term trust

AI is elevating the value of persistent data. While GPUs grab headlines, large AI systems require a complete storage hierarchy: high-bandwidth memory, hot-tier SSDs, high-capacity drives for bulk storage, and archive systems for long-term retention. Hard drives remain essential where cost per terabyte and density outweigh latency considerations.

UltraSMR, the technology WD has chosen for these high-capacity units, is precisely suited for large-scale deployments. In AI environments, not everything is queried in real-time, but much must be preserved. Training data, older model versions, audit logs, snapshots, telemetry, and data collections may need to be retained for years. If this data is valuable long-term, the cryptographic protections should be designed with that horizon in mind.

This creates a difference compared to traditional endpoint or server security. On a laptop, a firmware update is important. In a hyperscale storage cluster, it’s a systemic issue. Thousands or millions of devices must demonstrate they run signed, verifiable code resilient to future threats. Post-quantum cryptography in disks may not be flashy but could become a foundational element in building trust within AI infrastructure.

There’s also a regulatory aspect. Governments, defense, healthcare, banking, research, and critical operators have been receiving warnings about the post-quantum transition for years. The NSA, with CNSA 2.0, already outlined a roadmap for quantum-resistant algorithms, including uses of ML-DSA for signatures. An announcement from a storage manufacturer beginning to embed these capabilities in enterprise hardware signals that the transition is shifting from plans and documents toward tangible products.

A first step, not a complete solution

It’s important not to overstate the scope of this announcement. Post-quantum cryptography in hard drives doesn’t solve all risks associated with quantum computing. Organizations will need to review TLS, VPNs, certificates, identities, database encryption, software signatures, HSMs, backups, long-term keys, legacy systems, and vendors. The migration will be one of the most complex security tasks in the coming decade.

It also doesn’t eliminate current threats. Ransomware, misconfigurations, stolen credentials, unauthorized access, supply chain attacks, or segmentation failures will remain immediate concerns. A drive with firmware signed using post-quantum algorithms can be part of a more robust architecture but does not replace a comprehensive cybersecurity strategy.

Nonetheless, WD’s announcement signals a shift in mindset. Post-quantum security is no longer a matter solely for cryptographers, governments, and consultancies. It’s starting to become part of physical components that are purchased, installed, and qualified in real data centers. This is significant because infrastructure transitions don’t happen overnight. The first deployments tend to be high-value products for hyperscale clients, gradually expanding to more tiers, manufacturers, and layers across the supply chain.

The company already anticipates extending PQC capabilities to other enterprise lines over time. If this initiative is well received, it’s reasonable to expect other storage and component manufacturers to follow suit. In security, no provider wants to fall behind as post-quantum requirements start appearing on procurement lists for hyperscale and regulated customers.

AI has accelerated the development of more powerful data centers. Now it’s also driving the urgency to protect data that may still hold value when current cryptographic methods fall short. WD’s decision to start at the root of trust, the hard drive, may be less visible, but it is arguably one of the most critical points, with minimal margin for error.

Frequently Asked Questions

What has Western Digital announced?

WD has integrated post-quantum cryptography into its new enterprise Ultrastar UltraSMR drives, starting with the Ultrastar DC HC6100, focusing on protecting the device’s trust chain and firmware integrity.

Do these drives encrypt data with post-quantum cryptography?

The announcement focuses on code signing, firmware, and device trust infrastructure, not on replacing data-at-rest encryption with post-quantum algorithms directly.

Which algorithm does WD use?

WD employs ML-DSA-87, defined in the NIST FIPS 204 standard, combined with RSA-3072 via a dual-signature approach to enable a hybrid transition between classical and post-quantum cryptography.

Why does this matter for AI?

Because AI generates and retains large volumes of data over long periods. Securing the infrastructure storing that data against future threats, including quantum computing, becomes increasingly important.

via: westerndigital
