London startup Crypto Quantique has worked with researchers at ETH in Zurich to optimise the recently announced post quantum computing algorithms for its security framework for the Internet of Things (IoT).
Crypto Quantique worked with researchers from ETH to optimise the QuarkLink chip-to-cloud IoT security platform using a new key encapsulation method (KEM) called KEM-TLS. This is used with the CRYSTALS-Kyber KEM algorithm approved by NIST last week: Algorithms agreed for post-quantum security standard
This is secured with the CRYSTALS-Dilithium signature to provide a secure key encapsulation framework that is protected against attack by quantum computers in the future. Once the framework is secured, symmetric algorithms such as256bit and 52bit AES can be used, Shahram Mossayebi, CEO of Crypto Quantique tells eeNews Europe.
The resulting variant of the KEM-TLS protocol is particularly suited to the IoT setting, as its reliance on KEMs as opposed to post-quantum digital signatures lowers bandwidth costs and increases efficiency, without compromising security, he says.
- CEO interview: Quantum security for the real world
- Crypto Quantique raises $8M to address IoT security
- Crypto Quantique joins STMicroelectronics partner programme
“Back in 2020 the KEM TLS framework was developed with key encapsulation to reduce the amount of data that needs to be sent so it’s more efficient, but you still need to plug an algorithm in,” he said. “We are using Kyber inside KEM-TLS. What we did with ETH Zurich was optimisations that are more suitable for IoT to make it more efficient using Kyber and we use Dilithium for the initial digital signature. We had an implementation in Rust so we were ready to go,” he said.
QuarkLink is used by Renesas, STMicroelectronics and Microchip to connect IoT devices with an embedded root-of-trust to server-based applications. Its functions include device provisioning, automated secure onboarding to applications, and lifetime security management.
This provides firmware encryption, signing and secure updates over-the-air, certificate and key renewal, which is where the new NIST algorithms would be used in future systems.
A few keystrokes initiate an automated process for onboarding thousands of devices in minutes to a server platform, or to multiple platforms simultaneously. AWS, Microsoft, and Mosquito are among the cloud services currently supported.
“Many IoT installations have a projected operating life of ten years or more. During that time, we will see the emergence of quantum computers that will make cyberattacks on IoT devices several orders of magnitude more powerful than they are today,” said Mossayebi.
“We have already developed a quantum-driven root-of-trust technology for semiconductors that will provide the foundation for secure IoT networks. By ensuring that QuarkLink runs the most advanced post-quantum algorithms, we will provide our customers with unbreakable end-to-end security. Our first demonstration of a post-quantum version of QuarkLink shows how easy we can make it for customers to achieve IoT device security at scale, whatever hackers throw at them, now or in the future.”
“It has been very exciting working with the Crypto Quantique team to research and develop PQC protocols, and to see our research ideas entering deployment in such a short space of time. Kudos to Crypto Quantique for being the first to market with solutions offering security for the long term,” said Kenny Paterson, Professor of Computer Science at ETH
Other articles on eeNews Europe
- Cadence moves into digital twins with acquisition
- Open Standard RISC-V Verification Interface (RVVI) for SOC testing
- Siemens extends mixed signal verification tool with 10x boost
- Renesas restores production after Japan lightning strike