“If you imagine a hardware device, it’s a stack, we’ve got apps at the top, and we’ve got layers of firmware down to the immutable hardware layers. I think it’s really crucial that the foundations, the hardware and the lower levels of firmware, are secure.” – Thalia Laing
Quantum threats are no longer a future problem; they are a design challenge that is already shaping today’s hardware strategy. In the latest episode of Shielded: The Last Line of Cyber Defense, Thalia Laing, Principal Cryptographer and Security Researcher at HP Security Lab, joins host Jo Lintzen to discuss how HP strengthens device foundations for the quantum era.
From embedding hybrid cryptography into firmware to defining enterprise priorities for migration, Laing explains why post-quantum readiness must begin in hardware.
Securing the Foundation Before Everything Else
For Laing and her team, quantum resilience begins in the physical roots of trust, the immutable hardware that supports every cryptographic process above it. HP Security Lab works across the full device stack, from lightweight endpoint controllers to large-scale management systems, ensuring protection where trust originates.
This philosophy led to HP’s quantum-safe Secure Boot, introduced in March 2024, well ahead of final NIST PQC standards. The release used RSA plus LMS hybrid signatures, a practical balance between established assurance and quantum-safe design.
RSA provided proven certification continuity, while LMS, standardized by NIST and IETF, brought hash-based resilience for the long term. The result was a boot process that validates firmware integrity each time a device powers on or resumes from hibernation, maintaining both security and performance.
Hardware Migration as a Multi-Year Strategy
Migrating hardware for quantum resistance requires years of coordinated design and manufacturing effort. Laing explains how HP teams prioritized Secure Boot early by aligning migration sequencing with device lifespan and potential compromise impact.
“We worked to prioritize what required migration first, given the long lifetimes, the time needed to complete migration, and the impact if compromise occurred. Secure Boot was identified as a critical element to migrate sooner rather than later.” – Thalia Laing
By focusing on components that cannot be updated in the field, HP ensures that devices already in circulation remain trustworthy when quantum-enabled adversaries appear.
Visibility Begins with Inventory
Quantum readiness depends on clarity. Laing underscores the need for a crypto inventory that includes both software libraries and hardware-embedded cryptography, often absent from enterprise visibility.
“A crypto inventory is a record of an organization’s crypto assets. It includes keys, certificates, algorithms, libraries, and protocols. The main reason is risk management. Without knowing what keys exist, it is impossible to identify vulnerable keys or insecure parameters.” – Thalia Laing
Most automated tools cannot detect cryptography hidden in firmware or silicon. Without deliberate inventorying, organizations risk overlooking foundational vulnerabilities that cannot be corrected after deployment.
Hybrid Cryptography: Bridging Confidence and Innovation
Hybrid signatures, combining classical and post-quantum algorithms, form a crucial bridge between legacy systems and quantum-ready infrastructure. While the U.S. government’s CNSA 2.0 does not require hybrids, the European Union promotes them as a transitional safeguard.
“Hybrid is a fascinating tool. It is a key element in the transition. Opinions differ, but both the U.S. and E.U. have taken strong positions on its value.” – Thalia Laing
By nesting LMS within RSA, HP preserves certification pathways while introducing quantum-safe assurance. This hybrid method also supports diverse regional regulations without fragmenting architecture.
Two Buckets That Guide Quantum Migration
Laing defines HP’s migration priorities through two focus areas.
The first covers data requiring long-term confidentiality, which may face harvest-now-decrypt-later risk.
The second concerns long-lived, hard-to-update hardware, such as business PCs and printers that stay operational for five years or more.
“When we set priorities, we group them in two buckets. One covers data that needs long-term confidentiality. The other, particularly relevant to HP, covers long-lived hardware that is difficult to update.” – Thalia Laing
This framework balances immediate cryptographic exposure with the realities of product lifespan, ensuring every layer of HP’s portfolio remains durable and secure.
Future Foundations: Quantum-Safe by Design
As emerging technologies such as AI, edge computing, and new hardware architectures advance, Laing views quantum-safe cryptography as the next foundation of trust.
“Quantum-safe crypto will become foundational, while classical cryptography remains fundamental to everything we do. New architectures and emerging technologies will rely on it.” – Thalia Laing
The evolution strengthens, rather than replaces, classical methods, expanding the need for hybrid agility, secure hardware roots, and proven implementations that endure for decades.
The Takeaway: Secure the Root, Sustain the Future
Thalia Laing’s message is clear: post-quantum security begins where trust originates, and that’s in hardware. Through hybrid algorithms, transparent inventories, and long-term design discipline, HP is creating a product ecosystem built for quantum-era endurance.
Quantum readiness has already reached the hardware layer, and each secure boot is a step toward resilience that will last well into the future.
Listen to the full conversation with Thalia Laing on Shielded: The Last Line of Cyber Defense, available on Apple Podcasts, Spotify, and YouTube Podcasts.
About Thalia Laing
Thalia Laing is the Principal Cryptographer and Security Researcher at HP Security Lab, where she leads research and implementation initiatives in post-quantum cryptography, hardware-based security, and trusted computing. She has played a key role in HP’s development of quantum-safe Secure Boot for business PCs and printers, integrating hybrid RSA + LMS architectures that strengthen firmware integrity and protect devices throughout their lifecycle. Over nearly eight years at HP, she has contributed to advancing cryptographic standards, security innovation, and enterprise readiness for the quantum era.
Thalia holds a PhD in Cyber Security from Royal Holloway, University of London, where her research on enhanced threshold schemes explored the balance between security and efficiency in distributed cryptographic systems. A member of the NIST NCCoE Migration to PQC Project, she continues to collaborate across industry and academia to accelerate the adoption of quantum-resistant security technologies. Known for her rigour and clarity in applying cryptography to real-world engineering, Thalia focuses on designing security foundations that endure across generations of hardware and emerging post-quantum standards.