Post-quantum cryptography for automotive systems

Autor: Jonas Vith, Daniel Florez, Tim Fritzmann, Johanna Sepulveda
Rok vydání: 2021
Předmět:
Zdroj: Microprocessors and Microsystems. 87:104379
ISSN: 0141-9331
Popis: Automotive systems have become powerful computing platforms with an increasing demand for secure communication. The hyperconnectivity of the Vehicle-to-Everything (V2X) environment drastically increases the attack surface and the need for crypto-agility. In addition, the long lifecycle of automotive products demands that not only current but also future attacks are considered. Thus, empowering automotive devices with efficient, robust, and long-term security solutions is challenging. The foreseeable breakthrough of quantum computers and their threat to traditional cryptography requires that automotive devices are able to efficiently implement quantum secure cryptographic mechanisms, also known as Post-Quantum Cryptography (PQC). One of the most promising PQC approaches is lattice-based cryptography. Among the seven finalists of the NIST third round post-quantum standardization process, five algorithms (three KEM/encryption and two signature algorithms) belong to the category of lattice-based cryptography. While lattice-based cryptography has been previously integrated in general-purpose microcontrollers, their impact on automotive environments has been neglected. To this end, this work presents two contributions. As a first contribution, we provide a performance exploration of four lattice-based KEM/encryption algorithms implemented on the automotive microcontroller AURIX. The exploration includes the three finalists CRYSTALS-KYBER, NTRU, and Saber, together with ThreeBears. Despite ThreeBears was not selected as a PQC finalist, NIST recommended further investigations in this direction due to interesting security and performance characteristics of the algorithm. Our analysis has shown that all of these algorithms can be implemented on the AURIX microcontroller while achieving a competitive performance. As a second contribution, we explore the improvement of the security level of ThreeBears by extending its error correction capability.
Databáze: OpenAIRE