“Quantum computing is no longer science fiction, it’s happening right now,” said Amit Rao, Founder of the IoT Security Foundation Bangalore Chapter, in an apt summary of where we are with post-quantum cryptography (PQC): cryptographic algorithms designed to withstand the future capabilities of quantum computers, which are expected to break the conventional public-key algorithms (RSA and elliptic-curve cryptography) that today’s devices rely on for authentication and key exchange.
Rao was speaking at the IoT Security Foundation’s latest webinar on post-quantum cryptography, which sought to provide guidance and practical advice on how organisations can secure themselves going forward. Javier Orensanz Martinez, CEO, and Pascal Nasahl, Senior Engineer at lowRISC, also presented, discussing the adoption of a root-of-trust silicon design for PQC.
Fundamentally, Rao advised organisations to begin the transition towards quantum-secure systems and devices now. Although a timeline shown in the webinar suggested we are 10 to 15 years away from cryptographically relevant quantum computers being realised (a horizon referred to as Y2Q, or ‘Years to Quantum’), the scale of preparation required is significant.
In framing the impacts of algorithms being cracked, Rao said: “For IoT devices, this represents a fundamental breakdown of security. Authentication can no longer be trusted. Confidentiality of data will be lost and system integrity will collapse. The consequences are going to be severe.”
Because IoT devices are built to last decades in critical sectors like medical and industrial, they’re particularly exposed: a device shipped today with conventional public-key cryptography may still be in service when such a computer arrives.
However, PQC algorithms don’t translate easily to IoT devices, which tend to be resource constrained. Resource constraints, firmware limitations, the computational and bandwidth overhead of PQC and latency were all cited by Rao as challenges on the path to making IoT devices quantum-secure.
“The key takeaway here is crypto agility,” he explained. “We need to design IoT systems that could swap out cryptographic algorithms as standards evolve, without ripping out the hardware or cutting a device lifecycle short.
“For IoT, crypto agility isn’t optional. It’s the only way to survive the post-quantum transition.”
Combining PQC algorithms
The National Institute of Standards and Technology (NIST) in the US has standardised several PQC algorithms to ease this transition. CRYSTALS-Kyber (standardised as ML-KEM in FIPS 203) is the key-encapsulation mechanism of choice because it is fast and efficient, and is used to establish shared keys. CRYSTALS-Dilithium (ML-DSA, FIPS 204) is the general-purpose digital signature scheme, while Falcon (FN-DSA), also selected by NIST, produces much smaller signatures and public keys, which matters for constrained devices where bandwidth and storage are tight.
These algorithms can be combined to fit the deployment, Rao explained: with Kyber providing key establishment as the foundation, it can be paired with Dilithium where industrial IoT needs a robust, general-purpose signature, or with Falcon where signature size and verification speed matter.
“When we talk about IoT deployments across industries, the answer lies with the way we deploy them, which is all about crypto agility,” said Rao. “This simply means designing systems that can adapt to new cryptographic algorithms without requiring a complete hardware replacement.”
In doing so, algorithms can be updated over the air for devices already out in the field, enabling them to adapt to future threats without being pulled out of operation, much as you would update your smartphone on the go.
Running PQC algorithms alongside classical ones, in a hybrid scheme, stands organisations in good stead against both current and future attacks: the combined key or signature only fails if both components are broken, so a flaw in a still-new PQC algorithm does not leave the device worse off than it is today.
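The following Python is an added example, not code from the webinar or from lowRISC, of what a crypto-agile hybrid key establishment can look like in firmware. A device negotiates a suite identifier rather than a fixed algorithm, looks the suite up in a registry that can be replaced by a signed update, and derives one session key from the shared secrets of every key-encapsulation mechanism (KEM) in the suite, binding the suite label and all ciphertexts into the derivation so that an attacker must break every KEM to recover the key. The KEM operations themselves (X25519, ML-KEM and so on) are assumed to be performed by the platform's crypto library and appear here only as their byte outputs; the suite identifiers and names are illustrative assumptions, and the KDF is HKDF (RFC 5869) built on the standard library.

```python
"""Crypto-agile hybrid key derivation (added example, not from the webinar)."""
import hashlib
import hmac
from dataclasses import dataclass

# --- HKDF (RFC 5869) on the standard library; used as the combiner KDF ---

def hkdf_extract(salt: bytes, ikm: bytes, hash_name: str = "sha256") -> bytes:
    if not salt:  # RFC 5869: an absent salt is a string of HashLen zeros
        salt = bytes(hashlib.new(hash_name).digest_size)
    return hmac.new(salt, ikm, hash_name).digest()

def hkdf_expand(prk: bytes, info: bytes, length: int, hash_name: str = "sha256") -> bytes:
    digest_size = hashlib.new(hash_name).digest_size
    if length > 255 * digest_size:
        raise ValueError("requested length too large for HKDF")
    okm, block, counter = b"", b"", 1
    while len(okm) < length:
        block = hmac.new(prk, block + info + bytes([counter]), hash_name).digest()
        okm += block
        counter += 1
    return okm[:length]

def hkdf(salt: bytes, ikm: bytes, info: bytes, length: int, hash_name: str = "sha256") -> bytes:
    return hkdf_expand(hkdf_extract(salt, ikm, hash_name), info, length, hash_name)

# --- Suite registry: data, not code, so it can be swapped without a hardware change ---

@dataclass(frozen=True)
class Suite:
    suite_id: int
    label: bytes        # human-readable name, bound into the derived key
    kems: tuple         # KEMs whose secrets are combined, in a fixed order
    hash_name: str
    key_len: int

# Hypothetical suite code points for illustration only; a real deployment would
# use standards-assigned identifiers.
SUITES = {
    0x0001: Suite(0x0001, b"classical-x25519",       ("x25519",),            "sha256", 32),
    0x1101: Suite(0x1101, b"hybrid-x25519-mlkem768", ("x25519", "mlkem768"), "sha256", 32),
}

def register_suite(suite: Suite) -> None:
    """Install a new suite (e.g. delivered by a signed OTA update) without touching the combiner."""
    if suite.suite_id in SUITES:
        raise ValueError(f"suite 0x{suite.suite_id:04x} already registered")
    SUITES[suite.suite_id] = suite

def combine_shared_secrets(suite_id: int, shared_secrets: dict, ciphertexts: dict,
                           transcript: bytes = b"") -> bytes:
    """Derive one session key from all KEM outputs in the negotiated suite.

    shared_secrets / ciphertexts map KEM name -> bytes produced by the platform
    crypto library. Every secret, every (length-prefixed) ciphertext, the suite
    label and an optional handshake transcript go into the KDF, so the key
    changes if any component changes.
    """
    suite = SUITES[suite_id]
    try:
        ikm = b"".join(shared_secrets[k] for k in suite.kems)
        cts = b"".join(len(ciphertexts[k]).to_bytes(2, "big") + ciphertexts[k] for k in suite.kems)
    except KeyError as missing:
        raise ValueError(f"suite 0x{suite_id:04x} requires KEM {missing} output") from None
    info = suite.label + suite.suite_id.to_bytes(2, "big") + cts + transcript
    return hkdf(b"", ikm, info, suite.key_len, suite.hash_name)

if __name__ == "__main__":
    # Constructed stand-ins for what the two KEMs would return on a real device.
    secrets = {"x25519": b"\x01" * 32, "mlkem768": b"\x02" * 32}
    cts = {"x25519": b"\xaa" * 32, "mlkem768": b"\xbb" * 1088}
    print("hybrid session key:", combine_shared_secrets(0x1101, secrets, cts).hex())
```

Because the registry is plain data, a firmware update that adds a suite entry (or removes a deprecated one) changes what the device will negotiate without changing the combiner code path, which is the property Rao calls crypto agility; binding the ciphertexts and suite label into the KDF follows the convention used by the IETF hybrid key-exchange drafts and prevents an attacker from substituting one KEM's ciphertext unnoticed.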
“Hybrid cryptography comes with trade-offs,” Rao noted. “You’ll see higher CPU cycles, more memory, greater bandwidth needs, [and] more firmware complexities. In the real world, that will translate to, for example, 20 to 50% more power consumption.”
Designers therefore do need to embrace hybrid cryptography, but while designing devices to be efficient and agile.
Designers and developers need to think about several key aspects:
- Leverage hardware acceleration
- Pick efficient algorithms
- Optimise code and memory usage
- Keep track of schemes suited for IoT devices
Quantum resilience is a regulatory requirement
Focus on quantum resilience is not just a “technical shift” but “increasingly a regulatory mandate worldwide”, Rao said. US federal agencies, for instance, are already beginning migration to quantum-resilient systems, and the Cybersecurity and Infrastructure Security Agency (CISA) and the Department of Homeland Security have published their roadmaps.
Rao also mentioned that the EU has issued recommendations for PQC adoption, with a target of the end of 2030, and that the UK’s National Cyber Security Centre has laid out a plan with milestones beginning in 2028 and aiming for completion by 2031.
“This means that crypto agility and planning migration is not only about security resilience, but also about staying compliant with upcoming global regulations,” he said.
A practical roadmap organisations could adopt in the journey to become quantum resilient starts with assessing their existing requirements.
“Which devices use cryptography? What are their expected life spans? Which are the most critical to your operations? This inventory is really crucial for prioritisation.”
The next step is starting with NIST-approved algorithms, and could include downloading the Open Quantum Safe project’s liboqs library to run benchmarks on your devices. Making use of these resources can make the process less daunting. Ultimately, devices will need to be designed with crypto agility from the start.
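The inventory and prioritisation step above lends itself to a small tool. The Python below is an added example (not from the webinar) that records each device's algorithms, remaining service life and criticality, then ranks them using Mosca's inequality, the rule of thumb attributed to Michele Mosca: a system is already at risk if X (years its secrets or authentication must remain trustworthy) plus Y (years needed to migrate it) exceeds Z (years until a cryptographically relevant quantum computer). The fleet is constructed sample data, the field names are assumptions, and Z = 12 is an assumed midpoint of the 10 to 15 year horizon quoted in the webinar.

```python
"""Cryptographic inventory and migration triage (added example, not from the webinar)."""
from dataclasses import dataclass

# Public-key algorithms broken outright by Shor's algorithm on a large quantum computer.
QUANTUM_VULNERABLE = {"rsa", "dsa", "dh", "ecdh", "ecdsa", "x25519", "ed25519", "ecies"}
# Symmetric ciphers are only weakened by Grover's algorithm; the usual advice is to
# move to 256-bit keys, so shorter keys are flagged for review rather than migration.
SYMMETRIC = {"aes", "chacha20"}
MIN_SYMMETRIC_BITS = 256

@dataclass(frozen=True)
class Device:
    name: str
    algorithms: tuple        # tokens such as "rsa-2048", "ecdsa-p256", "aes-128"
    years_remaining: float   # X: remaining service life
    migration_years: float   # Y: estimated time to re-provision this fleet
    criticality: int         # 1 (low) .. 5 (safety or operations critical)
    updatable_ota: bool      # can the cryptography be swapped in the field?

@dataclass(frozen=True)
class Finding:
    name: str
    status: str              # "urgent", "plan", "review" or "ok"
    score: float             # higher = migrate sooner
    criticality: int
    quantum_vulnerable: tuple
    short_symmetric: tuple
    years_overrun: float     # max(0, X + Y - Z)

def parse_alg(token: str):
    """'rsa-2048' -> ('rsa', 2048); 'ecdsa-p256' -> ('ecdsa', None)."""
    name, _, size = token.lower().partition("-")
    return name, (int(size) if size.isdigit() else None)

STATUS_RANK = {"urgent": 0, "plan": 1, "review": 2, "ok": 3}

def triage(devices, years_to_quantum: float):
    """Return findings sorted so the first entry is the device to migrate first."""
    findings = []
    for d in devices:
        parsed = [parse_alg(a) for a in d.algorithms]
        pq_vuln = tuple(a for a, (n, _) in zip(d.algorithms, parsed) if n in QUANTUM_VULNERABLE)
        short_sym = tuple(a for a, (n, bits) in zip(d.algorithms, parsed)
                          if n in SYMMETRIC and (bits or 0) < MIN_SYMMETRIC_BITS)
        # Mosca's inequality: X + Y > Z means the device cannot be migrated in time.
        overrun = max(0.0, d.years_remaining + d.migration_years - years_to_quantum)
        if pq_vuln and overrun > 0:
            status = "urgent"
        elif pq_vuln:
            status = "plan"
        elif short_sym:
            status = "review"
        else:
            status = "ok"
        # A device that cannot be updated in the field needs a site visit or
        # replacement, so it carries a fixed extra cost in the ranking (assumed weight).
        ota_penalty = 0.0 if d.updatable_ota else 2.0
        score = d.criticality * (overrun + ota_penalty) if status == "urgent" else 0.0
        findings.append(Finding(d.name, status, score, d.criticality, pq_vuln, short_sym, overrun))
    return sorted(findings, key=lambda f: (STATUS_RANK[f.status], -f.score, -f.criticality, f.name))

# Constructed sample inventory (not real products).
SAMPLE_FLEET = (
    Device("infusion-pump", ("rsa-2048", "aes-128"), 15, 3, 5, False),
    Device("smart-meter",   ("ecdsa-p256", "aes-128"), 10, 2, 3, True),
    Device("edge-gateway",  ("x25519", "ed25519", "aes-256"), 5, 1, 4, True),
    Device("plc-sensor",    ("aes-128",), 20, 2, 2, False),
)
ASSUMED_YEARS_TO_QUANTUM = 12  # assumed midpoint of the 10-15 year horizon

if __name__ == "__main__":
    for f in triage(SAMPLE_FLEET, ASSUMED_YEARS_TO_QUANTUM):
        print(f"{f.name:14} {f.status:7} score={f.score:5.1f} overrun={f.years_overrun:4.1f}y "
              f"pq={list(f.quantum_vulnerable)} short_sym={list(f.short_symmetric)}")
```

Run as a script it lists the infusion pump first: fifteen years of remaining life plus three years of migration effort overshoot the assumed horizon by six years, it cannot be updated over the air, and it uses RSA, so it is the device to re-provision first. Lowering the horizon (for instance to 10 years) moves the smart meter from "plan" to "urgent", which is the point of keeping Z as a parameter rather than a constant in the inventory.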
Companies like BMW, Siemens, Philips and Cisco were all cited as organisations that are testing PQC but aren’t yet ready. They do, however, exemplify the importance of starting early with PQC and learning as they go.
“Those who delay will risk market inclusion, operational disruption, and severe security breaches,” concluded Rao.