Strengthening Post-Quantum Security for Automotive Systems

The long lifecycle of automotive products demands that not only current but also future threats are considered during the design of automotive security. Therefore, the foreseeable breakthrough of quantum computers represents a risk for the automotive industry and the integration of Post-Quantum Cryptography (PQC) gets necessary. Lattice-based PQC is an attractive alternative for securing automotive systems. It usually employs Error-Correcting Codes (ECC) to increase the security level and to decrease the failure rate. However, ECCs are vulnerable to timing attacks. To this end, we present in this work three contributions. First, we present an implementation of PQC tailor-made for a microcontroller used in automotive systems. Second, we integrate a more powerful ECC into ThreeBears, which is an efficient Post-Quantum scheme, in order to improve its security level and to decrease the failure rate. Finally, we implement a protected ECC implementation able to resist timing attacks. Results show that the integration of PQC in automotive environments is feasible and that optimization techniques can lead to a 55.98\,% performance improvement. Moreover, our ECC exploration achieves a failure rate decrease from $2^-135$ to $2^-153$. Alternatively, an increase of the security level from $2^141$ to $2^144$ can be achieved. Furthermore, the timing-protected ECC presents in total only a minor performance overhead.     «

The long lifecycle of automotive products demands that not only current but also future threats are considered during the design of automotive security. Therefore, the foreseeable breakthrough of quantum computers represents a risk for the automotive industry and the integration of Post-Quantum Cryptography (PQC) gets necessary. Lattice-based PQC is an attractive alternative for securing automotive systems. It usually employs Error-Correcting Codes (ECC) to increase the security level and to dec...     »