AI has made attacks by quantum computers vastly more efficient. Hence, Quantropi, a member of the ST Partner Program, aims to curtail this new trend by providing an end-to-end quantum security platform that protects STM32 devices from quantum attacks. The company’s QiSpace platform offers a range of post-quantum cryptographic solutions to protect data during boot, in the application layer, and in transit across the network.
For instance, uLoadXLQ protects firmware at startup by adding a quantum secure digital signature to the bootloader. The solution even works with our Secure Boot Secure Firmware Update mechanism. For application-level security, Quantropi offers functions to quantum securely sign, verify, encrypt, and decrypt individual application data elements. Finally, its Quantum TLS (TLS-Q) implementation safeguards the network communication between IoT devices and public or private clouds.
What is the quantum cryptographic threat?
From Y2K to Y2Q
Taking inspiration from the Y2K bug, Quantropi talks about Y2Q, also called Q-day, meaning the day when quantum computers can break current encryption schemes. The 2021 Quantum Threat Timeline Report had put Q-day at around 2040. However, as Forbes published in 2021, “Q-Day is coming sooner than we think”. In a nutshell, the advent of AI enables attackers to pre-process data and improve the efficiency of quantum algorithms. Consequently, some experts hired but the US Department of Defense now claim that Q-day could happen as early as 2025, according to reports from Reuters.
That’s why regulatory bodies worldwide have begun promoting post-quantum algorithms, which are resistant to quantum attacks. For example, the Office of Management and Budget in America issued a memorandum in late 2022 requiring that “agencies prepare now to implement post-quantum cryptography.”
In the most simplistic terms, encryption methods rely on a mathematical problem that is nearly impossible to solve with traditional computing systems. For instance, to break the RSA encryption, a system must factor the product of two large prime numbers (composite numbers). However, in practical terms, a computer would have to try every number smaller than the result’s square root. According to a commonly held estimate, it would take 300 trillion years to break an RSA-2048 encryption key with today’s computer resources.
From 4,099 qubits to quantum neural networks
Quantum computing throws all these assumptions out of the window. As the Center for Strategic International Studies posits, a quantum computer with 4,099 qubits would need only ten seconds to break that same RSA-2048 encryption key. Today, such a computer is out of reach, as the best quantum systems use a few hundred qubits. However, advances in AI and rapidly accelerating hardware developments are reducing the gap in the quantum capability required to break the RSA scheme. Bad actors can thus envision themselves solving the math problem behind RSA. Y2Q is, therefore, closer than originally thought, which explains the recent emphasis on post-quantum algorithms.
How Quantropi brought PQC to STM32
A hard problem
Post-quantum cryptography (PQC) doesn’t require a quantum computer but a math problem that would take an inordinate amount of time to solve with qubits. For instance, multivariate quadratic (MQ) cryptography relies on solving quadratic polynomial equations with multiple variables (e.g., \(\)f\left ( x_{1},x_{2}, x_{3} \right ) = x_{1}^{2}+2x_{1}x_{2}+3x_{3}+4[\latex])1. Two of the PQCs selected by the National Institute of Standards and Technology (NIST), Crystals-Dilithium and Crystals-Kyber, rely on lattices which are a set of independent vectors. Both revolve around solving a linear equation system based on a lattice where errors have been thrown in to make the resolution incredibly difficult.
An extensive solution
To make post-quantum cryptography more accessible on STM32, Quantropi fully supports the NIST PQCs while also including novel algorithms that require less memory and computing power. ST also worked closely with Quantropi to bring their solutions to as many STM32 MCUs and MPUs as possible. Dedication to security means ensuring that STM32 developers can more easily implement post-quantum protections on all systems before Q-day, even on more resource-constrained systems. Quantropi explained, for instance, how it used tools like STM32CubeMX, which enabled its teams to scale their solutions to nearly all of our microcontrollers and microprocessors.
A growing demand
Quantropi has already deployed their bootloader on STM32H7 devices in the field at the request of a customer who needed PQC. Large companies, including Microsoft, Google, Apple, Amazon, and Meta, have also deployed post-quantum solutions, thus kickstarting adoption. Additionally, more government agencies are requiring that every embedded system they use implement post-quantum security, including products that few would think of, like coffee machines. As these products connect to networks to notify of maintenance cycles or depleted resources, they become a potential attack vector that could help hackers gain access to the wider network. The mandate to use PQC, therefore, applies to them as well, and companies wishing to win government contracts must secure their products against quantum attacks.
Why does an end-to-end solution matter?
Secure communication
The interconnected nature of embedded systems means that an end-to-end solution must include a solution for the cloud and the communication channel between servers and the embedded system. STM32 developers can rely on the QiSpace IoT to Cloud solution from Quantropi to create a quantum secure TLS (TLS-Q) connection to keep their data protected. The nature of the Quantropi solution enables STM32 engineers to implement an end-to-end quantum secure connection today and still be compatible as public cloud services from Microsoft, Amazon, and Google implement new PQC standards in the future. Put simply, STM32 engineers can use the Quantropi solution to get ahead and differentiate their products with advanced post-quantum cryptography.
Secure STM32 systems
The standalone QiSpace SDK is available now for most ST devices. Quantropi also shared that their engineering teams are working on an I-CUBE package to make their solution available within STM32CubeMX. The package should be available in Q4 of this year, providing STM32 developers direct access to the Quantropi QiSpace platform from the ST utility. Put simply, it will be another milestone in our joint efforts to make PQC more accessible on all types of embedded systems. Indeed, as ST continues to work on initiatives like STM32Trust, we want the partner program to ensure developers stay well ahead of future attacks that may compromise their products and users.
- For more information, please read Richter, Maximilian, Magdalena Bertram, Jasper Seidensticker, and Alexander Tschache. 2022. “A Mathematical Perspective on Post-Quantum Cryptography” Mathematics 10, no. 15: 2579. https://doi.org/10.3390/math10152579 ↩