BlackBerry provides post-quantum security support for in-vehicle software

On May 25, BlackBerry Limited announced that it will provide post-quantum security support for NXP® Semiconductor's NXP S32G in-vehicle network processor to mitigate the risk of in-vehicle software from potential quantum computing attacks.

NXP S32G2 series

The new integration will allow software to be digitally signed using the CRYSTALS Dilithium digital signature scheme recently endorsed by the National Institute of Standards and Technology (NIST). NIST's digital signature solutions are quantum-resistant, providing assurance to customers who rely on and deliver long-life-cycle assets in critical infrastructure, industrial controls, aerospace and military electronics, telecommunications, transportation infrastructure, and connected vehicles .

The collaboration between BlackBerry and NXP is to guard against an increasingly risky future quantum attack - when quantum computers will be able to easily break traditional code-signing schemes.

While quantum computing promises a giant leap in processing power, it also has the potential to render today's public key cryptography useless. In recent months, NATO, the White House and NIST have all taken steps to prepare for the "Y2Q" (the date quantum computing breaks public key cryptography) scenarios. In this case, quantum computers will become a weapon for attackers, and many widely used security methods become useless against next-generation attacks on quantum computing.

The BlackBerry® Certicom® code signing and key management server leverages NXP's S32G chip's secure boot process for fast and flexible quantum protection. The use of quantum-resistant signature schemes such as Dilithium for low-level device firmware, software updates, and software bills of materials (SBOMs) can mitigate the risk of potential quantum computing attacks on critical software updates, addressing some of the industry's major security concerns.

"As quantum computers continue to advance, it is increasingly important to work to secure today's systems against these future threats," said Joppe Bos, senior principal cryptographer at NXP Semiconductors. Addresses a critical need to strengthen code signing and software update infrastructure to address future cryptographic vulnerabilities."

"Before 2000, U.S. companies spent over $100 billion to avert disaster," said Jim Alfred, vice president of technology solutions at BlackBerry. "When a quantum attack becomes possible, Y2Q will be another layer of problems, affecting sales, operations, and The long-term asset industry with updatable software poses a significant threat. NXP shares our vision of mitigating the risks of quantum computing, and thanks to their support for hash signatures, together we can provide cybersecurity teams with the tools they need now, prevent their existing security measures from becoming obsolete.”

Jim Alfred

About BlackBerry

BlackBerry provides intelligent security software and services to businesses and governments around the world. The company provides security protection for more than 500 million terminals (over 195 million vehicles). Headquartered in Waterloo, Ontario, Leveraging artificial intelligence and machine learning, it provides innovative solutions in cybersecurity, security and data privacy solutions and is a leader in endpoint security, endpoint management, encryption and embedded systems. BlackBerry's vision is to ensure a trusted, connected future.

Reference link:

https://www.blackberry.com/us/en/company/newsroom/press-releases/2022/blackberry-and-nxp-join-forces