Impacts of post-quantum cryptography on automotive security

  • Classical asymmetric cryptography will no longer be secure against attacks using large-scale quantum computers. Therefore, transitioning to quantum-secure systems should be considered. Security-relevant functions and protocols in the automotive context such as key management system, secure boot, secure diagnostic access, and TLS currently rely on classical asymmetric cryptography to ensure the confidentiality, integrity, or authenticity of the software and the communication. To transition to post-quantum secure automotive functions, classical asymmetric cryptographic algorithms should be replaced by post-quantum secure schemes. Significant challenges arise for OEMs as post-quantum schemes have different performance and key sizes compared to classical schemes. In this work, the impacts of transitioning to post-quantum cryptographic schemes on such functions and protocols are analyzed. Four post-quantum schemes from NIST third-round finalists were considered, which are on the one hand CRYSTALS-Kyber and Saber as KEMs, and on the other hand CRYSTALS-Dilithium and FALCON as digital signature schemes. Three of those schemes have been lately standardized by the NIST, which are CRYSTALS-Kyber, CRYSTALS-Dilithium, and FALCON. Additionally, benchmark results of implementations of those schemes on different hardware targets (AurixTC375, Renesas R7F7015032, Raspberry Pi 2 and 4) are provided. The hardware targets represent different classes of ECUs in today’s vehicles. The results include the execution time, stack consumption, and code size of those schemes. Since for some ECUs –depending on the use case – only the signature verification is relevant, the necessary code sizes for signature verification of both CRYSTALS-Dilithium and FALCON are analyzed separately.

Download full text files

Export metadata

Additional Services

Share in Twitter Search Google Scholar
Author:Aaron RathwegGND, Abdelrahman OsmanGND, Andreas FleigGND, Efstathia KatsigianniGND, Alexander TschacheGND
Parent Title (English):11th escar USA 2023, June 20 - 23, Plymouth, Michigan (Detroit): The World's Leading Automotive Cyber Security Conference
Subtitle (English):A case study
Document Type:Conference Proceeding
Date of Publication (online):2024/01/09
Date of first Publication:2024/01/09
Publishing Institution:Ruhr-Universität Bochum, Universitätsbibliothek
Tag:Automotive security; Post-quantum cryptography; Public-key cryptography
Dewey Decimal Classification:Allgemeines, Informatik, Informationswissenschaft / Informatik
open_access (DINI-Set):open_access
Konferenz-/Sammelbände:21th escar Europe : The World's Leading Automotive Cyber Security Conference
Licence (German):License LogoKeine Creative Commons Lizenz - es gelten die Rechteeinräumung und das deutsche Urheberrecht