AI and Quantum Are Forcing a Rethink of Digital Trust
Summary
DigiCert CEO Amit Sinha tells Dark Reading that the twin waves of AI and emerging quantum capability are fundamentally changing how organisations must establish and maintain digital trust. Machine identities already outnumber human ones by roughly 100:1 in many enterprises, and Sinha predicts that agentic AI could push that toward 1,000:1. At the same time, digital certificate lifespans are shortening, increasing the complexity of lifecycle management. Without automation, identity systems risk failures and outages as they scale.
Sinha argues we now operate in a “zero-trust media” world: deepfakes, AI agents and autonomous actions mean authenticity, provenance and tamper resistance must be cryptographically verifiable. The same signing and verification used for software and documents should be extended to AI outputs and agents. He also warns organisations to become “crypto-agile” — inventory assets and prepare migration paths to quantum-safe cryptography before quantum threats become practical.
Key Points
- Machine-to-human identity ratios are already around 100:1 and could approach 1,000:1 with agentic AI, massively increasing identity scale challenges.
- Certificate lifetimes are shrinking, making lifecycle management more frequent and operationally critical.
- Automation is essential: without it, identity systems are prone to outages and operational failure as scale increases.
- Deepfakes and autonomous agents make trust non‑assumable — content, identities and actions need cryptographic validation for authenticity and provenance.
- Organisations must become crypto‑agile: inventory cryptographic assets and plan transitions to quantum‑safe algorithms and infrastructure.
- Existing mechanisms for verifying software and documents should be extended to AI-generated content and agent actions to ensure tamper resistance.
Content Summary
The interview highlights practical consequences: more non-human identities, shorter certificate lifecycles and a larger attack surface driven by AI. Sinha calls for extending current cryptographic practices (signing, verification, provenance metadata) to AI artefacts and for automating identity and certificate management to avoid outages. He frames AI and quantum as a generational shift in security architecture that requires forward planning, inventorying of assets and readiness to adopt quantum-safe cryptography.
Actionable takeaways include: map non-human identities, automate certificate lifecycle and issuance, digitally sign AI outputs and agent instructions, and create a roadmap for cryptographic migration to quantum-resistant schemes.
Context and Relevance
This piece sits at the intersection of several ongoing industry trends: rapid adoption of agentic AI, increased prevalence of machine identities, tighter certificate policies, and the looming need for quantum-resistant crypto. For security teams and architects, Sinha’s points underline that trust models and operational tooling must evolve — not just policies, but automated tooling and verification mechanisms across the digital estate.
Why should I read this?
Quick and blunt: if you’re responsible for identity, certificates, or the integrity of digital content, this is your wake-up call. It explains why the way you prove who or what did something is about to get a lot harder — and what to start doing now so you don’t scramble later.