Keysight introduces testing capabilities to strengthen post-quantum cryptography
Enables device and chip vendors to identify and fix hardware vulnerabilities in the design cycle.
Keysight Technologies, Inc. has introduced what it says is an industry-first automated solution designed to test the robustness of post-quantum cryptography (PQC). This latest addition to Keysight Inspector is a notable expansion of the comprehensive platform that helps device and chip vendors identify and fix hardware vulnerabilities.
Quantum computing is designed to substantially accelerate complex calculations. This development will inevitably threaten existing encryption technologies. Algorithms like RSA and ECC, proven and robust in the current conventional computing era, could be easily circumvented. As the industry looks to remain resilient both now and in the future, this means developing new PQC encryption algorithms. This will be important for applications where encrypted data is captured on the assumption it can be decrypted later. However, new technologies assumed to be resilient against post-quantum attacks may be vulnerable to existing hardware-based attack methods.
Keysight Inspector, part of the company’s recently acquired device security research and test lab Riscure, addresses this challenge. The Keysight Inspector device security testing platform can now be used to test the implementations of the Dilithium algorithm, one of the PQC algorithms selected by NIST. For adopters of this algorithm in hardware, this allows designers to verify that products are secure against these threats. The test solution will also be necessary for government institutions and security test labs that want to verify the strength of third-party products.
With ongoing standardisation, Keysight expects dozens of new security algorithms to become available for multiple applications and industries. Ultimately, these algorithms will need verifiable implementations. Keysight will provide the necessary test tooling in addition to certification services through Keysight Inspector.
In addition, Keysight Inspector can also test the chips and analyse the silicon design before implementation by simulating the hardware code pre-silicon. Riscure has been working with PQShield, the leading developer of PQC solutions, to conduct both pre- and post-silicon analyses of their products.
Dr Axel Poschmann, Vice President of Product at PQShield, said: “Keysight will help us verify the robustness of our implementations at an early stage. Building on our original work with Riscure within the Keysight portfolio is exciting and we are looking forward to continuing this journey.”
Marc Witteman, Director of the Device Security Research Lab at Keysight, said: “Post-quantum resilience does not guarantee total security. We have observed incidents when the latest post-quantum encryption technology suffers from hardware-based threats. With this technology being implemented at a larger scale, the need for comprehensive testing becomes apparent. We are addressing this need by adding post-quantum algorithm testing capability to the Keysight Inspector solution, our comprehensive device security testing platform.”
Keysight will provide live demonstrations of the Keysight Inspector hacking a PQC implementation running on a popular processor at booth 4418 during the upcoming RSA Conference in San Francisco.
