Video distribution, long-term archives and content provenance with post-quantum crypto

European public broadcaster with 1.6 PB archive (MXF, ProRes, DCP). Historical content, documentaries, children's programs. Redistributed via OTT streaming and international licensing.

Current LTO archive with RSA-2048 signatures in MXF manifests. Q-Day breaks signatures — loss of authorship and chain-of-custody proof.

PUCE Archive with versioned signerKeyId (Ed25519 today, Dilithium3 on upgrade). Read-only migration mode: each asset gets a new PQ signature without changing the original payload. Copyright audit trail remains verifiable.

2.8M-subscriber streaming platform. HLS/DASH delivery with token-based signing. Premium content (films, series, live sports).

JWT tokens with ECDSA. An attacker can forge tokens post-Q-Day and serve premium streams without paying. DRM (Widevine/PlayReady) depends on today's classical certificate chains.

PUCE Stream (cyan accent in portal) with TTL-PQC tokens. Embeddable Player SDK (iframe or drop-in JS) validating ML-DSA-44 signatures locally. PUCE Archive manifest signing proves original content (anti-piracy).

European news agency publishing 3,200 photos/videos/day. Adhering to Content Authenticity Initiative (C2PA) to combat deepfakes.

C2PA manifest v1.3 allows RSA / ECDSA — signatures will not survive Q-Day. A photo published today may have forged provenance in 2035.

PQSL Enterprise with ML-DSA-44 (compact, < 3 KB signature) in every C2PA manifest. Camera → editing-suite → CMS: end-to-end signed pipeline. C2PA v2 compatible (PQ algorithms roadmap).