Abstract
Upgrade to Post-Quantum Security Without Rip-and-Replace
The Challenge
Secure boot is essential for embedded devices, but at present, ensuring quantum-resilience is a tough practical challenge. However, resilience to the quantum threat is also becoming a compliance issue, and a priority in networking, industrial, medical, and IoT markets. Additionally, regulatory standards such as CNSA 2.0 are now mandating Post-Quantum Cryptography (PQC) into firmware and OS verification flows.
Some of the specific technical challenges remain:
- PQC algorithms increase RAM, flash, and key size requirements
- Boot stages operate under extreme memory constraints
- Brownfield devices cannot afford hardware redesign. Rip-and-replace is not sustainable
- Products can often remain deployed for 10-20 years. The quantum threat is projected within this lifecycle
The Solution
PQMicroLib-Core enables a pure-software, OTA-deployable transition to Post-Quantum Secure Boot PQShield’s ultra-small cryptographic library, PQMicroLib-Core is specifically designed to add quantum resilience to early boot and ROM stages. It allows device and chip manufacturers to introduce PQC signature verification – without the need to change silicon or replace hardware architecture.
