|
|
|
www.design-reuse-china.com |
|
 |
| D&R中国官方微信公众号, 关注获取最新IP SOC业界资讯 |
後量子密碼學:迎戰未來安全挑戰
With the announcement of post-quantum cryptography (PQC) standards, it would be easy to be fooled into thinking that implementing them would be relatively straightforward.
www.eettaiwan.com, May. 06, 2025 –
Europe: PQC has been in the news for the past few years, but with the recent release of the final standard, the interest seems to have died down. Are security experts quietly advancing the deployment of PQC, or are there serious challenges yet to be overcome?
Shahram Mossayebi: This will be a huge challenge for the entire industry. From a semiconductor perspective, the implementation of new technologies requires solving issues such as side-channel attacks (SCA), performance, and memory management. Additionally, you must update any devices that have a Hardware Security Module (HSM). I think it will take about five years.
At present, although new microcontrollers (MCUs) equipped with PQC functions have been launched one after another, there is still another huge challenge on the enterprise side. Not only do they need to rely on hardware to support new algorithms to ensure complete end-to-end security, but they also need to find, manage and update a large amount of traditional software based on old cryptographic algorithms. The US Cybersecurity and Infrastructure Security Agency (CISA) has provided some recommendations and tools to help enterprises plan and implement PQC algorithms, whether it is a temporary shift to a hybrid mode (traditional cryptography + PQC) or a full transition to a PQC deployment.
EE Times Europe: Side-channel attacks are becoming an increasingly important part of any network security implementation. With the widespread use of low-cost online tools, attackers are becoming more sophisticated and creative in launching SCA attacks. In the testing and selection process of PQC standards, is the ability to resist SCA also considered?
Shahram Mossayebi: Yes, side-channel attacks are one of the key challenges in PQC deployment, but obviously we have learned a lot from past experience. When evaluating PQC algorithm candidates, the National Institute of Standards and Technology (NIST) attached great importance to SCA and eliminated some vulnerable algorithms at an early stage. That's because we already know the kind of math these algorithms use, and protecting them from side-channel attacks is either impossible or difficult.
In the FIPS 203, FIPS 204, and FIPS 205 standards, SCA protection requirements are specifically listed for certain algorithms. NIST has clearly identified the types of SCA risks that developers must be concerned about when implementing these algorithms. Although the industry has made good progress in this regard, in actual application, since these algorithms will be implemented on chips and use new code, it will still take a period of research and verification to find the safest design method.
EE Times Europe: Compared to the difficulties in embedded systems, is implementing PQC algorithms a purely software challenge for enterprise systems?
Shahram Mossayebi: Most people may think that in enterprise systems, the deployment of PQC only involves software, but in reality, the software still needs to be executed on hardware, and when it comes to cryptography, there is always a question of whether you have a secure environment to execute your cryptography.
First, does your HSM support PQC? Some HSMs can be upgraded to support PQC, while others may require major modifications. Google and other cloud infrastructure providers have already started using PQC to perform TLS communications. Obviously, they built the HSM infrastructure to support PQC, all the behind-the-scenes work required, and upgraded from classic cryptography to the new standards. However, even with software upgrades, managing public key infrastructure (PKI) is a huge challenge for enterprise IT infrastructure because it involves a large number of digital certificates for different purposes.
点击阅读更多
Back
成为合作伙伴