Inferensys

Glossary

Post-Quantum Cryptography (PQC)

Post-Quantum Cryptography (PQC) refers to cryptographic algorithms designed to be secure against attacks from both classical computers and future quantum computers.
Isolated secure server room with network cables physically disconnected, minimal lighting, security-focused environment.
EMBEDDED SECURITY FOR TINYML

What is Post-Quantum Cryptography (PQC)?

Post-Quantum Cryptography (PQC) is the field of cryptographic algorithms designed to be secure against attacks from both classical computers and future, cryptographically-relevant quantum computers.

Post-Quantum Cryptography (PQC), also known as quantum-resistant or quantum-safe cryptography, refers to cryptographic algorithms designed to withstand cryptanalysis by both classical computers and future quantum computers. Unlike current public-key systems like RSA and Elliptic Curve Cryptography (ECC), which are vulnerable to Shor's algorithm running on a quantum computer, PQC algorithms are based on mathematical problems believed to be hard for quantum computers to solve. The National Institute of Standards and Technology (NIST) is leading a standardization process to select viable PQC algorithms for widespread adoption.

For TinyML and embedded systems, implementing PQC presents significant challenges due to the increased computational overhead, larger key sizes, and greater memory footprint of these new algorithms compared to traditional Lightweight Cryptography. This necessitates hardware-aware optimization and careful integration with a device's Hardware Security Module (HSM) or Secure Element to maintain performance within the severe constraints of microcontrollers. PQC is a critical component of a forward-looking Zero-Trust Architecture for IoT, ensuring long-term data confidentiality and integrity for devices deployed in the field for decades.

POST-QUANTUM CRYPTOGRAPHY

Core PQC Algorithm Families

Post-Quantum Cryptography (PQC) comprises cryptographic algorithms designed to be secure against attacks from both classical and future quantum computers. The following families represent the primary mathematical approaches being standardized to replace vulnerable systems like RSA and ECC.

03

Multivariate Cryptography

Multivariate cryptography is based on the difficulty of solving systems of multivariate quadratic polynomials over finite fields. The security hinges on the MQ problem, which is also NP-hard.

  • Typical Use: Primarily used for constructing digital signatures.
  • Characteristics: Produces very short signatures and fast verification, but often has large public keys.
  • Examples: Rainbow (a signature scheme that was a NIST finalist but later had its security parameters reduced due to cryptanalysis) and GeMSS. These schemes often involve generating a complex public map that is easy to evaluate but hard to invert without a secret 'trapdoor'.
05

Isogeny-Based Cryptography

Isogeny-based cryptography is a newer family that uses the mathematical theory of elliptic curves and the difficulty of computing isogenies (maps between curves) between supersingular elliptic curves.

  • Core Problem: Supersingular Isogeny Diffie-Hellman (SIDH).
  • Key Advantage: Exceptionally small key sizes compared to other PQC families.
  • Recent Development: The original SIDH proposal (SIKE) was broken in 2022 using a new mathematical attack. Active research is focused on developing secure variants, such as CSIDH (which operates in the commutative setting), but these are less efficient and not yet ready for standardization.
06

Symmetric Cryptography & Hybrid Modes

While not a 'public-key' family, symmetric algorithms (AES, SHA-3) are generally considered quantum-resistant, though Grover's algorithm forces a doubling of key size for equivalent security. Therefore, PQC migration focuses on replacing public-key algorithms.

  • Hybrid Deployment: The recommended practical approach is hybrid key exchange, where a classical algorithm (e.g., ECDH) and a PQC algorithm (e.g., Kyber) are both used. The final shared secret is derived from both results.
  • Benefit: Maintains security even if one of the cryptographic systems is broken, providing a robust transition path. Major protocols like TLS 1.3 and SSH are adopting hybrid modes.
EMBEDDED SECURITY FOR TINYML

PQC for TinyML and Embedded Systems

Post-Quantum Cryptography (PQC) for TinyML and embedded systems refers to the implementation of quantum-resistant cryptographic algorithms on microcontroller-class devices, securing them against future quantum computer attacks.

Post-Quantum Cryptography (PQC) comprises algorithms designed to be secure against attacks from both classical and future quantum computers, which threaten to break widely used public-key systems like RSA and ECC. For TinyML and embedded systems, this involves adapting these mathematically complex algorithms—such as lattice-based, code-based, or hash-based schemes—to operate within the severe constraints of microcontrollers, including limited RAM, flash storage, and CPU cycles, while maintaining a minimal power footprint.

The primary challenge is the significant computational and memory overhead of PQC algorithms compared to traditional Elliptic Curve Cryptography (ECC). Implementation requires careful optimization, often leveraging hardware acceleration like cryptographic co-processors and techniques from lightweight cryptography. This ensures secure firmware attestation, Secure Over-the-Air (SOTA) updates, and long-term data protection for IoT devices, establishing a hardware root of trust resilient to the quantum threat horizon.

POST-QUANTUM CRYPTOGRAPHY

Frequently Asked Questions

Post-Quantum Cryptography (PQC) refers to cryptographic algorithms designed to be secure against attacks from both classical computers and future quantum computers, which are anticipated to break widely used public-key cryptosystems like RSA and ECC. This FAQ addresses its critical role in securing embedded and TinyML systems.

Post-Quantum Cryptography (PQC) is a class of cryptographic algorithms designed to be secure against cryptanalysis by both classical computers and future, large-scale quantum computers. The urgency stems from Shor's algorithm, a quantum algorithm that can efficiently solve the integer factorization and discrete logarithm problems, which would break the security of nearly all currently deployed public-key cryptography (RSA, ECC, DH). This creates a 'harvest now, decrypt later' threat, where adversaries can collect encrypted data today to decrypt it once a sufficiently powerful quantum computer exists. For long-lived embedded IoT and TinyML devices with 10-20 year lifespans, implementing PQC is a critical preemptive security measure.

Prasad Kumkar

About the author

Prasad Kumkar

CEO & MD, Inference Systems

Prasad Kumkar is the CEO & MD of Inference Systems and writes about AI systems architecture, LLM infrastructure, model serving, evaluation, and production deployment. Over 5+ years, he has worked across computer vision models, L5 autonomous vehicle systems, and LLM research, with a focus on taking complex AI ideas into real-world engineering systems.

His work and writing cover AI systems, large language models, AI agents, multimodal systems, autonomous systems, inference optimization, RAG, evaluation, and production AI engineering.