Post-quantum computing IoT security platform meets new NIST standards

Post-quantum computing IoT security platform meets new NIST standards

New Products |
By Rich Pell

The upgraded platform, says the company, is believed to be the first to use post-quantum algorithms recently announced for standardization by the National Institute of Standards and Technology (NIST), particularly the chosen key encapsulation mechanism (KEM), CRYSTALS-Kyber. As part of its recent announcement on post-quantum standards, NIST focused on the applicability of the schemes to embedded devices, including benchmarks of all schemes on the ARM-Cortex M4, demonstrating that post-quantum security on the IoT is a realistic goal.

Elsewhere, NIST standardized multiple signature schemes, including both lattice- and hash-based signatures, and suggested algorithms of future interest that may be standardized later. Crypto Quantique’s KEM-TLS protocol, says the company, is designed to be flexible and can easily be adapted to these changing standards.

“Many IoT installations have a projected operating life of ten years or more,” says Crypto Quantique CEO, Shahram Mossayebi. “During that time, we will see the emergence of quantum computers that will make cyberattacks on IoT devices several orders of magnitude more powerful than they are today. We have already developed a quantum-driven root-of-trust technology for semiconductors that will provide the foundation for secure IoT networks. By ensuring that QuarkLink runs the most advanced post-quantum algorithms, we will provide our customers with unbreakable end-to-end security. Our first demonstration of a post-quantum version of QuarkLink shows how easy we can make it for customers to achieve IoT device security at scale, whatever hackers throw at them, now or in the future.”

QuarkLink is a comprehensive platform for connecting IoT devices with an embedded root-of-trust to server-based applications. Its functions include device provisioning, automated secure onboarding to applications, and lifetime security management. Via a simple interface, users can achieve firmware encryption, signing and secure updates over-the-air, certificate and key renewal, and device revocation. A few keystrokes initiate an automated process for onboarding thousands of devices in minutes to a server platform, or to multiple platforms simultaneously. AWS, Microsoft, and Mosquito are among the cloud services currently supported.

The company worked on the post-quantum version of QuarkLink’s enrolment, relying on a custom, built-in-house variant of the novel KEM-TLS protocol developed with researchers at the Department of Computer science at ETH Zurich. The resulting variant of the KEM-TLS protocol, says the company, is particularly suited to the IoT setting, as its reliance on KEMs as opposed to post-quantum digital signatures lowers bandwidth costs and increases efficiency, without compromising security.

Crypto Quantique

If you enjoyed this article, you will like the following ones: don't miss them by subscribing to :    eeNews on Google News


Linked Articles