Unique hardware security keys and Common Criteria
Critical applications and systems that deal with highly sensitive data often require strong user authentication. This can mean that users of a system need to have individual hardware security keys with unique authentication credentials.
Typically, these hardware security keys are based on Common-Criteria-certified (CC) chips. This offers tamper resistance, however compliance with CC also comes with some drawbacks:
- Long-time to market. Unfortunately these chips have a long time to market due to Common Criteria compliance. It’s unlikely that such a chip will support PQC in the short term.
- Lack of programmability. Compliance also makes it harder to configure the design to specific customer requirements.
- High cost. Common Criteria chips are accessible only to a few companies, and it is not possible to source them in low volume. That creates a barrier to entry and the few who have access to those chips can charge more for them, often many times more than the cost of the BOM (bill of materials).
For these reasons, many companies turn to standard microcontrollers to build their own hardware security key for their specified use cases.
PQCryptoLib-Embedded
PQCryptoLib-Embedded is a standard software library which enables you to select which microcontroller to use, and allows the development of any protocol aside or on top of it. It supports the very latest FIPS-certified PQC, and is highly configurable, being designed for small areas such as microcontrollers and processors. This makes it ideal for the strong user authentication case as it’s flexible enough to cope with a wide variety of use cases.
