PQCryptoLib-Embedded and the Quantum Threat

Back
Topics: Comment
Date: 04/11/2024

Key Takeaways

  • Quantum computing introduces major risks to existing cryptographic systems
  • An embedded post quantum cryptography library enables long-term protection for constrained devices
  • NIST standardisation has accelerated post quantum cryptography adoption across industries
  • Embedded systems face unique challenges including limited resources and long lifecycles
  • PQShield’s PQCryptoLib-Embedded delivers scalable, standards-aligned security

The Quantum Threat and Embedded Post Quantum Cryptography Library

The invention of quantum computing could be another significant leap in technology, projecting us forwards into a new era of growth and progress. However, it also presents a serious cybersecurity threat to embedded systems everywhere, making an embedded post quantum cryptography library essential.

How Quantum Computing Changes the Landscape

A quantum computer leverages the principles of quantum mechanics to generate enormous computational power unavailable to classical supercomputers. As a result, they could be able to solve specific problems, such as the complex modelling required for drug discovery or the creation of energy-efficient systems and processes.

However, quantum computers could also be used to break a very different kind of problem – the mathematical techniques that currently keep our online data safe in traditional Public Key Cryptography.

Why Current Cryptography Is at Risk

Public Key Cryptography algorithms rely on mathematical “trapdoors”, operations that are easy to apply, but difficult to undo without additional information. The central idea is that a public key lets you apply the trap door (encrypt), and only the corresponding private key enables you to safely decrypt. Without the private key, the information remains secure because the mathematical problem is too difficult to solve.

In the 1990s, mathematicians began developing new techniques to figure out how to solve some of these ‘hard’ problems. Peter Shor’s algorithms were major breakthroughs, showing for the first time that there is a path to breaking public-key cryptography. To run Shor’s algorithms, a computer would require a vast amount of processing power – far more than is possible for any classical computer.

Now, the rapid advancements in quantum computing mean the public key schemes that protect our embedded systems today, such as RSA and ECC, are at risk of being broken, reinforcing the urgent need for an embedded post quantum cryptography library.

NIST Standardization

As a result of the quantum threat, the field of post-quantum cryptography (PQC) has emerged – a community of academics, researchers, engineers and organisations, with a view to updating cryptography to quantum resistance.

In 2016, the United States National Institute of Standards and Technology (NIST), launched the formal process to develop and standardize a set of post-quantum algorithms, submitted by the post-quantum cryptography community.

Key Objectives

  • Key agreement including key exchange, encryption, and KEMs
  • Digital signatures for authentication, integrity, and non-repudiation
  • In 2024, NIST announced the standardisation of three major algorithms:
  • FIPS 203 ML-KEM (Kyber)
  • FIPS 204 ML-DSA (Dilithium)
  • FIPS 205 SLH-DSA (SPHINCS+)

An additional algorithm, FN-DSA (FALCON), is expected to follow.

The publication of standards is a milestone in the story of PQC, and it’s certainly come at a point of transition in 2024.

The following diagram, an example timeline recommended by the Canadian National Quantum-Readiness Working Group, shows how the shift from Stage 1 (preparation for migration) is impacting the conversation, shifting the focus to implementation and compliance (Stage 2).

Protecting Embedded systems

As NIST’s standards come into place, bringing embedded systems into alignment with them presents a specific challenge.

Embedded systems are:

  • Specialized by design
  • Limited in memory, bandwidth, and compute
  • Often deployed for long lifecycles
  • Sometimes physically exposed or difficult to access

These factors make them particularly vulnerable and harder to upgrade. As a result, integrating an embedded post quantum cryptography library becomes a critical step in securing these systems.

The regulatory landscape

Governments and security agencies worldwide are recognising the urgency of PQC adoption.

Recent developments include:

  • US government initiatives such as CNSA 2.0
  • Guidance from Germany’s BSI
  • Recommendations from the UK’s NCSC
  • Policies from France’s ANSSI

The consistent message is clear. Organizations should already be planning and implementing post-quantum cryptography.

For embedded systems, this further strengthens the case for adopting an embedded post quantum cryptography library as part of a long-term security strategy.

How can this be applied practically to embedded systems?

PQCryptoLib-Embedded

As the regulatory landscape and NIST standardisation efforts highlight, protecting embedded systems against quantum threats is an immediate concern for industries reliant on secure, long-lasting devices.

PQCryptoLib-Embedded is PQShield’s response to this challenge, a state-of-the-art solution engineered to bring robust post-quantum cryptographic capabilities to memory-constrained environments. Designed to serve embedded systems with specific performance and resource limitations.

Compatibility and Support

  • Works across microcontrollers and embedded platforms
  • Supports ARM, RISC-V, and x86 architectures

Cryptographic Capabilities

  • Implements ML-KEM, ML-DSA, and SLH-DSA
  • Includes both post-quantum and classical algorithms
  • Supports key encapsulation, signatures, and encryption

This combination ensures flexibility and security across a wide range of applications.

Performance and Efficiency

PQCryptoLib-Embedded is built with efficiency in mind, ensuring optimal performance for constrained devices.

Key Features

  • Highly configurable architecture to minimise binary size
  • Selective inclusion of cryptographic functions
  • Optimised memory usage

It supports deployment in bare-metal environments, improving processing efficiency and reducing latency.

Integration with hardware hash engines allows offloading of intensive operations, improving performance for hash-based signature schemes.

This makes PQCryptoLib-Embedded a highly effective embedded post quantum cryptography library for real-world applications.

Security and Assurance

Security is at the core of PQCryptoLib-Embedded.

Built-In Protections

  • Defence against malformed input attacks
  • Resistance to timing-based cryptanalysis
  • Extensive fuzz testing to reduce implementation bugs

Verified Reliability

  • Formal verification of ML-KEM implementations
  • Alignment with FIPS 140-3 and related standards
  • Pathway to ACVP and CMVP certifications

These features ensure that PQCryptoLib-Embedded meets the highest standards expected of an embedded post quantum cryptography library.

Build Securely with PQShield

Quantum computing presents a fundamental risk to traditional cryptographic methods. Every industry must modernise its approach to security.

An embedded post quantum cryptography library is a critical component in this transition, especially for systems that cannot be easily upgraded.

With PQCryptoLib-Embedded, PQShield provides a powerful, flexible, and standards-aligned solution to help organisations secure their embedded devices and infrastructure.

Get in touch with PQShield today to start building secure, quantum-ready systems and stay one step ahead of emerging threats.