Quantum computing meets post-quantum cryptography and software-defined vehicles

I’m starting to feel like a silly old man (but where do we find an old man this time of day?). When I was a kid, cars didn’t have any form of digital computation. My parents’ car doesn’t even have power windows. We consider ourselves lucky if windshield wipers can make even a half-hearted attempt to fulfill their role in life.

I remember when I was about 7 years old. Every weekday morning, my mother and I got into the family car to drive me to school. We started our journey with her choking and hitting the gas pedal like a madman, then we both held our breath while she turned the ignition. If we were lucky, the car would have started, in which case we next had to wait a long time for the engine to warm up. If we were unlucky, she flooded the engine, in which case we had to wait a long time before we could try again. It’s not uncommon for our cars to make loud noises and not start, in which case my mom would say “Oh my god” (or words with such meanings) and we take the bus. I didn’t learn much about driving but I certainly expanded my vocabulary.

Also, public transport in the UK is great and you can easily get around without a car, so I didn’t buy my first car until I was in my late twenties. This is the Triumph 2000 that I bought from someone who was a good friend (until he sold me the Triumph 2000). It is built like a tank. Someone once drove their car into the back of my car at some traffic lights. Their front end was badly damaged, and mine had a small dent in the rear bumper. Balancing the timing on the dual carburetor is a nightmare. Putting your pedals into the metal to accelerate is the equivalent of throwing a gallon of gas out the window.

Of course, cars are now like NASA command centers on wheels. Today’s distributed automotive architecture uses hundreds of microcontrollers (literally, not figuratively) scattered throughout the chassis. Aside from the incredible complexity involved in these architectures, it’s not uncommon to have three or four kilometers of copper wire linking everything together. The rope alone can weigh about 80 kg, like having another person in the car. To address this, we are turning to what is called a regional architecture, which consists of a central multi-core computer system that coordinates everything through a network of connections to the areas around the vehicle. Each zone handles cross-domain operations required by that zone.

At the same time, we are entering the era of software-defined media (SDV). One aspect of this is the ability to automatically update the vehicle over the air (OTA) — not just the infotainment system or a certain part of the vehicle, but the entire vehicle over its lifetime. it, at least 10 to 15 years. . Not only does this benefit users as their vehicles get better over time, but it also gives OEMs an edge in the form of increased revenue opportunities.

Data is the lifeblood of this new SDV world. This is all about data intelligence. Instead, it’s not about transferring all the data to the cloud—that’s the old practice—but processing the data at the edge inside the car using more powerful processors to extract the information. to perform tasks such as providing unusually detailed information about vehicle health and to be able to run a real-time digital replica in the cloud. But that is another day’s story.

The problem is that there are nefarious scoundrels roaming the world—cybercriminals who want to steal our data and want to do us harm. Consider the possibility of disaster if one of these greasy balls remotely hijacks your vehicle, potentially damaging safety systems or causing you to crash. Sadly, one of the downsides of smart connected cars is that they provide a large attack surface with many attack vectors.

Photo courtesy of NXP

Software-defined vehicles create a large attack surface for cybercriminals.

On the plus side, we are protected by sophisticated encryption algorithms. In the case of asymmetric cryptography (public key), we have RSA, which requires parsing primes, and ECC, which requires solving elliptic curves. In the case of symmetric ciphers, we have AES-128 and SHA-256. All of these are used to provide different forms of cybersecurity on modern vehicles.

Photo courtesy of NXP

Modern encryption algorithms.

Cracking any of these cryptographic solutions can put even a modern supercomputer out of hand. So that’s okay. Nothing. Right? Well… unfortunately, there was an elephant in the room and a fly in the soup (I’ve never come across a metaphor that I didn’t like). Our fabled elephant’s name isn’t Simon—it’s not what’s wrong with Simon—it’s Quantum Computer (I agree, it’s a strange name for an elephant, but… allegorical elephants) , What can you do?).

What is a quantum computer?

Quantum computers exploit quantum mechanical phenomena to perform its calculations. What does this mean and how does it do it? I have no clue. All I know is that people have been rambling about quantum computers since the 1970s, constantly saying we’ll get them to work “in the next 10 years”. Sadly, it will be another 10 to 20 years before we have quantum computers that are easily accessible to the general public (i.e. me and my friends), but many different entities have already achieved their goals. great progress in this field.

According to the report of Scientific warning, for example, today’s most powerful digital computer in the world, the Frontier supercomputer, would take 47 years (give or take) to solve a certain benchmark of complexity. For comparison, the Sycamore quantum computer recently created by Google’s Artificial Intelligence division was able to break similar benchmarks in just a few seconds.

The point is that quantum computers should be able to crack today’s RSA and ECC-based ciphers in seconds using techniques such as Shor’s algorithm, which was proposed in 1994. Similarly, Shor’s algorithm Grover can be used to crack AES-128 and SHA-256. Fortunately, symmetric algorithms can be fortified against Grover’s algorithm by switching to AES-256 and SHA-384 or SHA-512. Migration of this kind is painful and expensive, but at least there is something to migrate. For comparison, in the case of public key cryptography, we have a big problem because RSA and ECC are considered dead ducks in the post-quantum computing era.

Photo courtesy of NXP

Existing public-key cryptographic solutions will become dead ducks in the post-quantum computing era.

In cryptography, the term post-quantum cryptography (PQC), sometimes called “quantum proof,” “quantum secure,” or quantum resistant,” refers to cryptographic algorithms are said to be secure against cryptographic attack by quantum computers.

In 2016, to come up with a PQC solution, the National Institute of Standards and Technology (NIST) launched a contest to call for an official proposal. By the 2017 application deadline, they had 69 candidate solutions. This is followed by a win phase. Second round candidates were announced in 2019, third round candidates (7 finalists and 8 substitutes) were announced in 2020, and standardized winners were announced. announced in 2022. The official standards for these winners—CRYSTALS-Dilithium and CRYSTALS-Kyber—are scheduled to be available in 2024, during the transition of the entire market to standards. This new PQC will be completed by 2030.

Crystal-Dilithium? Dilithium crystals? You must be joking. Am I the only one who hears the phrase “But Captain, the engines can’t stand it,” echoing in my ears (for younger readers, I’m transferring Scotty from Star Trek: Original Series). But we digress…

And so we come to the smart boys and girls at NXP Semiconductors. These little scammers have been leading the industry in the automotive and security markets for decades, so it’s no surprise that NXP is part of a consortium that has developed one of the CRYSTALS algorithms.

The reason I’m confused about all of this here is because the experts at NXP recently introduced their S32G line of media network processors (VNPs). These little rogues (VNP, not the ones at NXP) boast 21 Arm processor cores along with a bunch of other cores and combine ISO 26262 ASIL D safety, hardware security, handling High performance real-time and applications as well as network acceleration (funny!)

Photo courtesy of NXP

Meet S32G.

In addition to everything else, the S32G boasts a built-in hardware security (HSE) engine for cryptographic services and key management, and includes support for PQC. This means that developers have begun to integrate S32G into their next-generation vehicles knowing that these devices can meet today’s existing cybersecurity standards and they will have a can support tomorrow’s new PQC algorithms as soon as they are officially adopted. available.

We really live in exciting times. We can hope that they will not become too interesting or at least more interesting than it is to our advantage. How about you? What do you think about all of this?