PQC Migration: An Advisory and Case Study (A02c)
Post-Quantum Cryptography (PQC) is already in effect: global and regional competitions have concluded with the acceptance of standard PQC algorithms. This has in turn prompted the semiconductor industry to start planning the migration of classical cryptographic engines to PQC-ready and PQC-enabled cryptographic hardware accelerators. The migration strategies are based on the phases envisioned by standards organizations such as NIST SP 1800-38A, CFDIR, and ANSSI. For instance, ANSSI's phases 2 and 3 project, respectively, a hybridization approach by 2025 that provides post-quantum security assurance while avoiding any pre-quantum security regression, and an optional standalone post-quantum cryptographic hardware solution by 2030. In this presentation, the speaker will explain a solution aligned with these strategies, built on an already deployed Root of Trust that implements cryptoagility. The speaker will also discuss some representative PQC algorithms and the strategies for migrating to them. For instance, XMSS signature verification happens to be slow compared to its classical counterpart. A viable approach is therefore to start with a mixed software and hardware system and move later to a full hardware implementation, keeping up with market needs while also adhering to the timeline projected by the Standard Defining Organizations (SDOs). The talk will also cover the major areas of PQC migration, such as retrofitting issues, performance bottlenecks, and management of large unpacked keys. The speaker will provide generic recommendations that enable IP vendors and integrators to achieve PQC compliance with minimum resource overhead, allowing them to fast-track the migration timeline while also complying with the newly introduced EU CRA.