Quantum Tech

Protecting hardware in the quantum era

6th February 2024
Paige West

Quantum computing offers huge promise to many industries. However, the paradigm shift in computation also poses an existential challenge to the foundational encryption we use to secure our data. Dr Axel Poschmann, Head of Product Innovation and Security, PQShield further discusses.

Since Shor’s Algorithm was published in 1994, we have known that quantum computers are capable of breaking the public-key cryptography schemes used in RSA and ECC to protect our data.

In 2016, the National Institute of Standards and Technology (NIST) launched a project to find new post-quantum cryptography (PQC) algorithms, specifically designed to resist these quantum attacks. After eight years of work by the global cryptography community, in November 2023 NIST published the draft standards set to be finally standardised in early 2024. With these standards round the corner, how will the implementation of this new cryptography impact hardware and what are the next steps we should be taking on this transition?

Modernising cryptography in hardware

With these standards coming imminently, organisations need to complete a thorough audit to understand if and where they have this vulnerable cryptography and prepare a roadmap to replacing those cryptosystems to quantum secure alternatives. NIST, CISA and the NSA have shared guidance on preparing this roadmap and in the NSA’s recently published CNSA 2.0 it included a timeline for this transition. This means that for all companies that wish to sell products to or will have end products used by the US government agencies will need to transition their cryptography to PQC or risk becoming blacklisted from procurement processes.

Crucially for electronics designers, the NSA requires software/firmware signing, web browsers/servers and cloud services to make CNSA 2.0 the default and preferred option by 2025, and exclusively use CNSA 2.0 as soon as 2030. For traditional networking equipment (e.g., virtual private networks, routers) initial timelines are slightly more relaxed, making CNSA 2.0 the default and preferred option by 2026, and exclusively use CNSA 2.0 by 2030. If you haven’t already begun to develop your roadmap you should be starting today.

Designing for crypto agility

Many companies have gotten ahead of this threat and are already testing implementations of PQC which fall broadly into two categories based on different families of mathematics, hash functions and lattice functions. For some, initial efforts are looking at the hash based signatures given their parallels with existing solutions. However, it is clear from the guidance that these solutions are a temporary solution and ultimately it looks like the lattice based signatures will ultimately be the preferred solution.

As we look to solve this challenge, we find two possible methods to incorporate PQC. The first based on hash functions is more well known but when we look at the list of NIST standards, they are limited to digital signatures. Lattice functions on the other hand are a novel implementation and will require greater investment in testing to ensure security but are more likely to become the primary model for encryption.

The question becomes, what is the lifecycle of your product?

If you expect it to be in the field in five years time then you should be exploring implementation of lattice based functions. Understandably that comes with different power and space requirements, but that in itself opens up further opportunities for innovation.

Accelerating the transition

We are at the starting point in a huge technological shift akin to the transition from the analog to digital age. Hardware manufacturers given their position in the supply chain will play a pivotal role in facilitating this transition. Any organisation that can get ahead of the competition and bring quantum secure products to market is likely to find itself in a market eager for their solutions.

Product Spotlight

Upcoming Events

View all events
Latest global electronics news
© Copyright 2024 Electronic Specifier