BlackBerry announced it will provide support for quantum-resistant secure boot signatures for NXP Semiconductors‘ crypto-agile S32G vehicle networking processors in a demonstration to illustrate how to mitigate the risk of potential quantum computing attacks on in-vehicle software.
The new integration will allow software to be digitally signed using the National Institute of Standards and Technology’s (NIST) recently endorsed CRYSTALS Dilithium digital signature scheme that will be quantum resistant, providing peace of mind to those relying on – and delivering – long lifecycle assets such as systems in critical infrastructure, industrial controls, aerospace and military electronics, telecommunications, transportation infrastructure, and connected cars. The collaboration is set to guard against an increasingly risky future when quantum computers will be able to easily break traditional code signing schemes.
While quantum computing promises to deliver huge leaps forward in processing power, it also has the potential to render today’s public key cryptography useless. In recent months, NATO, the White House and NIST have all taken steps to prepare for a ‘Y2Q’ scenario in which quantum computers become weaponized by threat actors and many widely used security methods become useless against next-generation attacks.
The BlackBerry Certicom Code Signing and Key Management Server leverages the NXP S32G chip’s secure boot flow to achieve fast and agile quantum protection. Using quantum-resistant signature schemes such as Dilithium for low-level device firmware, over-the-air software updates and software bills of material (SBOMs) mitigates the risk of potential quantum computing attacks on critical software updates, addressing a major security concern for a number of industries.
“As quantum computers continue to advance in development, it’s increasingly important to work to secure today’s systems against these future threats,” said Joppe Bos, Senior Principal Cryptographer at NXP Semiconductors. “Collaborating with BlackBerry strengthens our solution to address the critical need to harden code signing and software update infrastructure against future cryptosystem vulnerabilities.”
“In the lead up to Y2K, US business spent upwards of $100 billion to avoid calamity and the issue was simply a matter of adding two digits to the date field. Y2Q, when quantum attacks become possible, is on another level, posing a significant threat to industries selling or operating long-lived assets with updatable software,” said Jim Alfred, VP, BlackBerry Technology Solutions. “NXP shares our vision of mitigating the risk of quantum computing concerns and, thanks to their support for hash-based signatures, together we can provide cybersecurity teams with the tools they need now to prevent their existing security measures from becoming obsolete.”