Crypto Quantique announces first post-quantum cryptography IoT security platform compliant with new NIST standards
NIST has announced CRYSTALS-KYBER for key establishment algorithm stadardisation.
LONDON, July 11th, 2022 — Crypto Quantique, a specialist in quantum-driven cybersecurity for the internet of things (IoT), announces a post-quantum cryptography (PQC) version of its QuarkLink chip-to-cloud IoT security platform. The upgraded platform is believed to be the first to use post-quantum algorithms recently announced for standardization by the National Institute of Standards and Technology (NIST), particularly the chosen key encapsulation mechanism (KEM), CRYSTALS-Kyber.
As part of its recent announcement on post-quantum standards, NIST focused on the applicability of the schemes to embedded devices, including benchmarks of all schemes on the ARM-Cortex M4, demonstrating that post-quantum security on the IoT is a realistic goal. Elsewhere, NIST standardized multiple signature schemes, including both lattice- and hash-based signatures, and suggested algorithms of future interest that may be standardized later. Crypto Quantique’s KEM-TLS protocol is designed to be flexible and can easily be adapted to these changing standards.
QuarkLink is a comprehensive platform for connecting IoT devices with an embedded root-of-trust to server-based applications. Its functions include device provisioning, automated secure onboarding to applications, and lifetime security management. Via a simple interface, users can achieve firmware encryption, signing and secure updates over-the-air, certificate and key renewal, and device revocation. A few keystrokes initiate an automated process for onboarding thousands of devices in minutes to a server platform, or to multiple platforms simultaneously. AWS, Microsoft, and Mosquito are among the cloud services currently supported.
Crypto Quantique worked on the post-quantum version of QuarkLink’s enrolment, relying on a custom, built-in-house variant of the novel KEM-TLS protocol developed with researchers at the Department of Computer science at ETH Zurich. The research was led by led by Professor Kenny Paterson. The resulting variant of the KEM-TLS protocol is particularly suited to the IoT setting, as its reliance on KEMs as opposed to post-quantum digital signatures lowers bandwidth costs and increases efficiency, without compromising security.
Crypto Quantique CEO, Shahram Mossayebi, said: “Many IoT installations have a projected operating life of ten years or more. During that time, we will see the emergence of quantum computers that will make cyberattacks on IoT devices several orders of magnitude more powerful than they are today. We have already developed a quantum-driven root-of-trust technology for semiconductors that will provide the foundation for secure IoT networks. By ensuring that QuarkLink runs the most advanced post-quantum algorithms, we will provide our customers with unbreakable end-to-end security. Our first demonstration of a post-quantum version of QuarkLink shows how easy we can make it for customers to achieve IoT device security at scale, whatever hackers throw at them, now or in the future.”
Kenny Paterson, Professor of Computer Science at ETH, commented: “It’s been very exciting working with the Crypto Quantique team to research and develop PQC protocols, and to see our research ideas entering deployment in such a short space of time. Kudos to Crypto Quantique for being the first to market with solutions offering security for the long term.”
Background to this Development
This work described above was made possible through the Eurostars programme in partnership with ETH Zurich. The program’s goal was to create the world’s first quantum-driven cyber security platform to protect IoT devices from cyber-attacks. Eurostars funds multiple projects across Europe every year, with over 29% of applications receiving funding and 1.75 Billion in public/private funds invested since 2014.
This project received funding from the Eurostars-2 joint programme with co-funding from the European Union Horizon 2020 research and innovation programme.
This recent development is just another example of the readiness of Crypto Quantique to address the security needs of the IoT industry by actively developing with the most cutting-edge algorithms, now standardised by NIST. Post-quantum computing will become a necessity, and an early start in understanding what that process entails will save money, time, and effort.
About Crypto Quantique
Crypto Quantique has created the world’s most secure end-to-end IoT security platform. At its heart is the world’s first quantum-driven semiconductor hardware IP, called QDID, that generates multiple, unique, unforgeable cryptographic keys for devices manufactured using standard CMOS processes. The keys do not need to be stored and can be used independently by multiple applications on demand. When combined with cryptographic APIs from the company’s universal IoT security platform, QuarkLink, the solution creates a secure bridge between silicon, device, software, and solutions provider.
The company, which is based in London, UK, was co-founded by Dr Shahram Mossayebi (CEO), an expert in cryptosystems, and Dr Patrick Camilleri (VP Research & Innovation), a semiconductor designer with significant experience in complex parallel computer systems.
Ben Walshe, Head of Marketing, Crypto Quantique