Secure boot in a hybrid solution
When it comes to secure boot, hardware needs to be optimized for security and speed of operation, and with the advent of quantum computing, an additional layer of protection to the traditional algorithms used. The transition to quantum-resilience is likely to involve hybrid stages, where PQC operates alongside existing legacy cryptography, and consequently, secure boot is required to be hybrid.
PQPlatform-SubSys
PQPlatform-SubSys is designed for ease of integration with hybrid in mind. It does not require the device’s processor, and can be used for FPGAs without any on-chip processor. PQPlatform-SubSys supports classical and post-quantum hybrid signature generation, verification, and secure key establishment, optimized for low resource requirements. It performs authentication (signature check) and optional decryption of the boot file. After booting, PQPlatform-SubSys is then available as a cryptography engine for applications on the device, including second stage boot loader requirements.
