To ensure the security of embedded systems, the integrity and authenticity of the software must be verified, for example through signatures. However, targeted hardware attacks enable malware to be used to take over the system. What risks are modern cryptographic implementations exposed to? What countermeasures need to be taken? To answer these questions, Fraunhofer AISEC was commissioned by the German Federal Office for Information Security (BSI) to carry out a study of laser-based fault attacks on XMSS. The focus is on a hash-based, quantum-secure scheme for creating and verifying signatures based on the Winternitz One-Time-Signature (WOTS) scheme.

The threat posed by quantum computers to the asymmetric cryptography in use today has been well known in the scientific community for more than 25 years, since Peter Shor published a polynomial algorithm for prime factorization to solve the discrete logarithm on a quantum computer. In recent years, crypto experts have increasingly been warning of the progress that is being made in quantum computing and its relevance for cryptography.

Research on post-quantum cryptography (PQC) at the Fraunhofer Institute for Applied and Integrated Security AISEC aims to enable businesses, government bodies and citizens to continue to have access to usable cryptography that will remain secure in the long term so they can keep their data secure. This blog article provides a brief overview of four ongoing projects.