Post-Quantum Cryptography on an Automotive HSM??

Quantum computers are not a far-off dream anymore—they are increasingly becoming a reality, and that brings challenges for the future of secure communications. Traditional public-key cryptosystems like RSA and ECC are vulnerable to quantum attacks, making the transition to post-quantum cryptography (PQC) a vital consideration for businesses planning long-term security solutions, especially those in the Automotive and industrial sectors. With emerging standards from NIST, post-quantum algorithms are paving the way for a new era of cryptographic resilience. However, until now, no commercially available HSM solutions offered support for these post-quantum algorithms, leaving industries like automotive, aerospace, and industrial that rely on HSM security struggling to adopt these critical technologies. Until now.

Enter wolfHSM, our innovative Hardware Security Module (HSM) firmware framework, designed to bring state-of-the-art cryptography to HSM platforms. wolfHSM delivers a unified API for secure cryptographic operations, object storage, and key management on hardware platforms with HSM coprocessors. This allows applications to harness a device’s hardware root of trust while providing a streamlined abstraction for offloading cryptographic operations to the HSM via the wolfCrypt API.

Built on the flexibility of wolfCrypt, wolfHSM enables easy integration of a wide range of cryptographic standards, from trusted legacy algorithms to cutting-edge standards like the latest in post-quantum. This adaptability is what sets wolfHSM apart from the legacy Automotive HSM’s. With traditional HSM solutions, you’re stuck with a fixed set of algorithms, with no option to adapt to evolving security requirements. wolfHSM changes the game—it empowers you to deploy any algorithm supported by wolfCrypt as needed, including post-quantum algorithms. You can easily pivot from RSA or ECC to quantum-resistant alternatives like ML-KEM (Kyber), ML-DSA (Dilithium), Falcon, or LMS/XMSS. This will give you flexibility to meet evolving government regulations like CNSA 2.0, UN R155, and others.

As the cryptographic landscape shifts toward quantum resistance, the inherent flexibility afforded by wolfHSM is an easy way to reduce risk when developing your application. With wolfHSM, your application can evolve with these changes—supporting new standards as they emerge and swapping algorithms without the need for expensive hardware changes. With wolfHSM, adding post-quantum cryptography to your HSM-based applications is as straightforward as using standard algorithms like RSA or AES, giving you future-proof security today.

Whether you need to prepare your infrastructure for quantum-safe cryptography or simply want to keep your cryptographic options open, wolfHSM has you covered. wolfHSM’s intrinsic crypto-agility ensures that new requirements can be met quickly and securely without the need for a complete overhaul of your existing infrastructure. This means peace of mind, knowing that your security is always one step ahead of the next threat.

wolfHSM supports a variety of automotive HSM platforms, including the Infineon AURIX TC3xx, ST SPC58N, and Renesas RH850, but can be ported to run on any device—bringing crypto agility and quantum resilience to your platform of choice.

Interested in taking your HSM application into the quantum age? Want to use post-quantum algorithms like LMS, ML-KEM, ML-DSA, or XMSS on an AURIX TC3xx HSM? Let us know! Reach out to us at facts@wolfSSL.com, and let’s discuss how we can help future-proof your security.

If you have questions about any of the above, please contact us at facts@wolfSSL.com or +1 425 245 8247.

Download wolfSSL Now