Given the rapid advances in quantum computing, the adoption of post-quantum cryptography (PQC) is now urgent. Every industry must harden its computing infrastructure against the growing risk of quantum-enabled attacks. Because no single, all-encompassing PQC standard exists, the developer community must proactively design adaptable, future-proof security solutions.
Emerging Requirements for PQC and the Hardware-Software Co-Design
At a recent Security Seminar, the evolving PQC requirements and the hardware-software co-design approach were highlighted as the way to attain strong and flexible post-quantum security.
PQC Evolution
The emerging quantum landscape has prompted guidelines covering multiple aspects of PQC. One of the most widely cited is the U.S. Commercial National Security Algorithm Suite 2.0 (CNSA 2.0), which recommends PQC algorithms such as Kyber, Dilithium, LMS, and XMSS.
CNSA 2.0 is a sound baseline, but it is not exhaustive. Its limitations include:
Algorithmic diversity gaps: Popular algorithms such as Falcon and Hamming Quasi-Cyclic (HQC) encryption are not fully integrated. Using multiple algorithms strategically reduces single points of failure.
Regional divergence: PQC regulations are still being developed in different regions. The European Union's Cyber Resilience Act (CRA), China's proprietary research, and NIST-led standards each produce different compliance requirements, and multinational organizations must account for these differences in their PQC strategies.
Designing Agile PQC Infrastructure
With PQC standards still changing, developers face the challenge of delivering real security without locking into algorithms that may become obsolete. A future-ready PQC system must therefore provide:
Crypto-Agility
Crypto-agility lets developers switch between cryptographic algorithms seamlessly, with protocols that can be updated in the field. Supporting multiple algorithm types and hybrid models ensures that security systems can adapt as quantum threats and standards evolve.
Upgradability at Scale
The infrastructure itself must be upgradable at scale. Hardware that can accommodate new software ensures systems remain secure and performant as algorithms and regulatory requirements change.
High-Quality Entropy
Reliable, unpredictable entropy is essential for generating encryption keys and random numbers. International standards increasingly require checks for high-quality entropy to guard against predictable key generation, a weakness that a quantum-capable adversary could exploit.
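As an added illustration of the kind of entropy check such standards call for (this code is not from the article or from Lattice), the two continuous health tests defined in NIST SP 800-90B, a repetition-count test that catches a stuck noise source and an adaptive-proportion test that catches a biased one, are run here on constructed sample streams; the claimed min-entropy per sample (H) and the 512-sample window are the parameters assumed.

```python
# Continuous health tests for a raw noise source, modelled on the Repetition
# Count Test (RCT) and Adaptive Proportion Test (APT) of NIST SP 800-90B 4.4.
# Added example for this article; sample streams are constructed with a seeded
# PRNG purely to stand in for a noise source and carry no real entropy.
import math
import random

ALPHA = 2.0 ** -20  # false-alarm probability the SP 800-90B cutoffs target

def rct_cutoff(h_min: float) -> int:
    """RCT cutoff 1 + ceil(-log2(alpha) / H) for claimed min-entropy H per sample."""
    return 1 + math.ceil(-math.log2(ALPHA) / h_min)

def apt_cutoff(h_min: float, window: int = 512) -> int:
    """APT cutoff: smallest C with Pr[Binomial(window, 2^-H) >= C] <= alpha."""
    p = 2.0 ** -h_min
    tail = 1.0  # Pr[X >= c], starting at c = 0
    for c in range(window + 1):
        if tail <= ALPHA:
            return c
        tail -= math.comb(window, c) * p ** c * (1.0 - p) ** (window - c)
    return window + 1

def repetition_count_test(samples: list, h_min: float) -> bool:
    """False as soon as one value repeats `cutoff` times in a row (stuck source)."""
    cutoff, run, prev = rct_cutoff(h_min), 0, None
    for s in samples:
        run = run + 1 if s == prev else 1
        prev = s
        if run >= cutoff:
            return False
    return True

def adaptive_proportion_test(samples: list, h_min: float, window: int = 512) -> bool:
    """False if any window's first value recurs `cutoff` or more times (biased source)."""
    cutoff = apt_cutoff(h_min, window)
    for start in range(0, len(samples) - window + 1, window):
        block = samples[start:start + window]
        if block.count(block[0]) >= cutoff:
            return False
    return True

# Constructed streams: plausible bytes, a stuck source, and one biased to 0x00.
_rng = random.Random(2024)
HEALTHY = [_rng.randrange(256) for _ in range(2048)]
STUCK = [0x5A] * 2048
BIASED = [0 if i % 8 == 0 else _rng.randrange(1, 256) for i in range(2048)]
```

A conditioner should withhold output from the key generator whenever either test reports False, so that a failed or degraded source never feeds key material.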
Hardware-Software Co-Design for PQC
Effective PQC cannot be delivered by software alone. A co-design approach pairs agile hardware with flexible software to build future-proof systems. Quantum random number generators (QRNGs) use the behavior of subatomic particles to produce truly unpredictable sequences, supplying secure, verifiable entropy at scale.
FPGAs strengthen PQC infrastructure as coprocessors that execute complex algorithms efficiently. Because they are field-upgradable, they let organizations implement crypto-agility, including regional or hybrid algorithm models, without compromising performance or trust.
Staying Prepared for Quantum Threats
PQC is no longer a future concern; it is here. Developers must now build crypto-agile, entropy-assured, and regionally adaptable systems. QRNGs and FPGAs enable secure, upgradable cryptographic engines that stay resilient against the evolving quantum threat landscape.
(This article has been adapted and modified from content on Lattice Semiconductor.)