The disruptive potential of quantum computers to break current cryptographic algorithms poses a significant threat to global IT security. Post-quantum cryptography (PQC) security will require adjustments to address currently unknown threats. However, as a device's security is wholly dependent on the security of its firmware update mechanism, it is critical that hash-based signatures (HBS) are implemented within firmware update mechanisms now.
Quantum computers use quantum mechanical phenomena to perform tasks that exceed the capability of conventional computers. The technology has already been proven on a limited scale, and governments are pouring billions into continued research in this area, with the goal of making it a reality in the next two decades. In fact, just recently the UK government acquired its first quantum computer to explore the value of the technology in defense.
While the main intent is to massively enhance computing power for scientific applications, the disruptive potential of these machines to break current cryptographic algorithms poses a significant threat to global IT security. Asymmetric cryptosystems such as RSA / ECC are particularly vulnerable, while symmetric algorithms such as AES-256 and SHA-256 are less affected and considered safe, at least for now.
It can be expected that most consumer devices like smartphones or tablets will naturally be upgraded before quantum computing arrives en masse, so there may be less urgency with these devices. However, infrastructure such as power stations, factories and public transport will remain in use after quantum computing arrives, as will many modern vehicles that receive software updates over the air.
As soon as a quantum computer is in the hands of professional adversaries, critical infrastructure is at risk. The threat will evolve so there will be no ‘forever’ solution, but quantum computing risks must be mitigated now – as far as is possible. This has been recognized by the National Institute of Standards and Technology (NIST) who are actively working on quantum-safe public-key encryption, key exchange and digital signatures. In the meantime, stateful hash-based signatures are being considered as an interim approach.
Stateful Hash-based Signatures
Hash-based signatures (HBS) are ‘stateful’ asymmetric post-quantum cryptographic schemes, meaning that only a limited number of signatures can be generated with a private key and previously used keys require management. Careful state management is essential, as HBS schemes may be trivially broken if a private key is reused.
Signature verification with stateful HBS is rapid on embedded platforms and can be made faster with hashing coprocessors. Key generation and signing may also be implemented on embedded security devices, since they allow the secured control of private keys and their state(s). Overall, HBS are very well-suited to firmware updates, especially as they are the sole asymmetric post-quantum cryptography (PQC) algorithms currently standardized.
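The state handling described above can be shown with a small added example, which is not Infineon's code and not XMSS itself: it swaps in Lamport one-time signatures and a flat list of public keys in place of XMSS's WOTS+ keys and Merkle tree. All names (StatefulSigner, exposed_fraction and so on) are hypothetical; the index is advanced before a signature is released, used secrets are erased, and signing stops when the keys run out.

```python
import hashlib
import os

BITS = 256

def H(data):
    return hashlib.sha256(data).digest()

def keygen():
    # One Lamport key: two secret values per digest bit, public key = their hashes.
    sk = [(os.urandom(32), os.urandom(32)) for _ in range(BITS)]
    pk = [(H(a), H(b)) for a, b in sk]
    return sk, pk

def bits(msg):
    d = int.from_bytes(H(msg), "big")
    return [(d >> i) & 1 for i in range(BITS)]

def ots_sign(sk, msg):
    # Reveals one secret value per bit position; safe exactly once per key.
    return [sk[i][b] for i, b in enumerate(bits(msg))]

def ots_verify(pk, msg, sig):
    return len(sig) == BITS and all(
        H(s) == pk[i][b] for i, (b, s) in enumerate(zip(bits(msg), sig)))

class StatefulSigner:
    """Holds n one-time keys; next_index is the state that must never roll back."""
    def __init__(self, n):
        self.keys = [keygen() for _ in range(n)]
        self.public = [pk for _, pk in self.keys]
        self.next_index = 0

    def sign(self, msg):
        if self.next_index >= len(self.keys):
            raise RuntimeError("key exhausted: no one-time keys left")
        idx = self.next_index
        # Advance the state first; a real signer persists it to durable
        # storage here, before the signature leaves the device.
        self.next_index += 1
        sk, pk = self.keys[idx]
        self.keys[idx] = (None, pk)   # erase the used secret
        return idx, ots_sign(sk, msg)

def verify(public, msg, idx, sig):
    return 0 <= idx < len(public) and ots_verify(public[idx], msg, sig)

def exposed_fraction(msg_a, msg_b):
    # Share of bit positions where signing both messages with ONE key
    # would reveal both secret values (the cost of state reuse).
    return sum(x != y for x, y in zip(bits(msg_a), bits(msg_b))) / BITS
```

For two unrelated firmware images exposed_fraction is typically close to 0.5, which is why restoring a signer from a backup or cloning it without its current index defeats the scheme.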
PQC security hardware – OPTIGA™ TPM SLB 9672
Infineon’s OPTIGA TPM SLB 9672 includes a PQC-protected firmware update mechanism. It is certified to meet the Common Criteria standard and is compliant with the TCG 2.0 rev. 1.59 specification as well as the new NIST standard, SP 800-90B.
The new device offers stronger cryptographic algorithms including RSA 3k & 4k, SHA-384 and ECC 384, giving a 192-bit symmetric security level. This will extend to 256 bits by adding support for SHA-512 and ECC-521 in the future.
The firmware update mechanism itself is more resistant to quantum attacks as it uses XMSS signatures. The Infineon update authority can handle stateful XMSS keys, keeping firmware updates secured and allowing continuity. Conveniently, the OPTIGA™ SLB 9672 can transparently check the XMSS signature to validate the transferred payload.
The OPTIGA SLB 9672 is compatible with Intel x86, ARM and other platforms and applications include servers, PCs, general computing, and data storage. It also supports a wide range of gateways, routers, wireless access points, network interface cards and switches.
Supporting the development process
The OPTIGA TPM SLB 9672 RPI evaluation board provides a quick and easy way for developers to get started using the device in conjunction with a Raspberry Pi. Supplied as a Raspberry Pi HAT (hardware attached on top), this add-on simplifies the connection of all Raspberry Pi 40-pin GPIO boards.
To enable easy evaluation and integration of the board, Infineon also provides the OPTIGA™ TPM 2.0 Explorer, a GUI-based software tool that allows designers to explore the benefits of TPMs in a wide variety of applications without deeper knowledge of the product.
With the tool, designers can initialize a TPM 2.0, display all properties and perform a complete reset when necessary. The non-volatile memory (NVRAM) can be managed and PCR indexes handled, and entry into and recovery from a lockout event can be defined. The GUI provides immediate visual feedback, allowing the commands run and the responses received to be reviewed and rapidly understood.
For PC users, the OPTIGA TPM SLB 9672 PC evaluation board allows developers to familiarize themselves with the SLB 9672 TPM. When used along with Infineon’s simple command line interface tools, the Embedded Linux TPM Toolbox 2 (ELTT2) for Linux and T4TPM2 for Windows, developers can simply connect the plug-and-play device to the SPI interface on a PC motherboard. This allows the testing and integration of a TPM solution into a platform running one of many operating systems including Windows 10/11, Linux, Windows 10/11 IoT Enterprise, Windows Server IoT, and more.