Securing the Future With Post-Quantum Cryptography on Microchip FPGAs
Quantum computing is changing security—are your designs ready? Read this post to discover how our FPGAs offer performance, flexibility and advanced protection with post-quantum cryptography, helping engineers transition confidently to quantum-safe systems.
The Coming Quantum Threat
For decades, our digital world has relied on a few key cryptographic standards, primarily symmetric and asymmetric cryptography. These technologies have been the locks on our most sensitive data, from financial transactions to government secrets. However, the rise of quantum computing, while promising to revolutionize science, medicine and technology, also challenges these existing cryptographic technologies.
Why We Need Post-Quantum Cryptography
Current public-key cryptography relies on mathematical problems that are easy to compute in one direction but virtually impossible to reverse. For example, in RSA, it's easy to multiply two large prime numbers, but incredibly difficult to factor the resulting number back into its primes. Similarly, elliptic curve cryptography (ECC) relies on the difficulty of the discrete logarithm problem on elliptic curves.
Quantum computers can leverage two powerful algorithms to break these types of systems. Shor's algorithm can efficiently find the prime factors of large numbers, directly breaking RSA; the same algorithm also solves the discrete logarithm problem, which undermines ECC. Grover's algorithm is a general-purpose search algorithm that gives a quadratic speedup to brute-force attacks on symmetric-key algorithms, effectively halving their security strength in bits.
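The reason order finding breaks RSA is classical and easy to see in code. The block below is an added illustration, not code from the post: it runs the classical post-processing of Shor's algorithm on a constructed toy modulus (61 * 53), with the quantum period-finding step replaced by a brute-force loop that is exponential in the size of n, so it only shows the mechanism, not a practical attack.

```python
from __future__ import annotations
from math import gcd


def find_order(a: int, n: int) -> int:
    """Smallest r > 0 with a**r == 1 (mod n), found by brute force.
    This loop is exponential in the bit length of n; it is exactly the
    step that Shor's quantum period-finding makes polynomial-time."""
    r, x = 1, a % n
    while x != 1:
        x = (x * a) % n
        r += 1
    return r


def factor_from_order(n: int, a: int) -> tuple[int, int] | None:
    """Classical post-processing of Shor's algorithm for one base a.
    Returns (p, q) with p < q, or None if a gives an odd order or
    a**(r/2) == -1 (mod n), in which case a new base is tried."""
    g = gcd(a, n)
    if g != 1:                       # lucky base: already shares a factor
        return (min(g, n // g), max(g, n // g))
    r = find_order(a, n)
    if r % 2:
        return None
    y = pow(a, r // 2, n)            # y*y == 1 (mod n); need y != +-1
    if y == n - 1:
        return None
    p = gcd(y - 1, n)                # (y-1)(y+1) == 0 (mod n) splits n
    if 1 < p < n:
        return (min(p, n // p), max(p, n // p))
    return None


def shor_factor(n: int) -> tuple[int, int]:
    """Try successive bases until one splits n; Shor's analysis says a
    random base works with probability >= 1/2 for n = p*q, p, q odd."""
    for a in range(2, n):
        pair = factor_from_order(n, a)
        if pair:
            return pair
    raise ValueError("no nontrivial factor (n prime or a prime power?)")


if __name__ == "__main__":
    n = 3233                          # constructed toy RSA modulus 61 * 53
    print(n, "=", shor_factor(n))     # 3233 = (53, 61)
```

With a = 2 the order is 780 but 2**390 == -1 (mod 3233), so the base is rejected; a = 3 (order 260) splits the modulus.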
The 2015 U.S. Office of Personnel Management (OPM) breach is a prime example of the "harvest now, decrypt later" (HNDL) risk. Attackers stole records of 22 million federal employees, including "evergreen" data like fingerprints and security clearance background checks. While some files were encrypted, they remain "gold mines" for future decryption; because a person's life secrets and biometrics don't change, this data remains valuable for blackmail or espionage even 20 years later.
The "harvest now, decrypt later" threat makes the urgency concrete: sensitive data with a long shelf life, such as government records, intellectual property and medical information, is already at risk. Even if no quantum computer exists to break the encryption today, attackers can steal the data and store it, waiting for the day they can easily decrypt it. This makes a timely migration to post-quantum cryptography a critical priority.
Post-Quantum Cryptography Promise
Post-Quantum Cryptography (PQC) is a collective term for new cryptographic algorithms designed to resist attacks from both classical and quantum computers. The global cryptographic community, led by the National Institute of Standards and Technology (NIST), is working to standardize these new algorithms.
The standardization process has been underway for several years and involves rigorous competition and evaluation of various algorithms. Below are the current leading families of PQC algorithms that have emerged as finalists.
- Code-based cryptography: Based on the difficulty of decoding general linear error-correcting codes, with the McEliece cryptosystem being a classic example.
- Lattice-based cryptography: Based on the difficulty of solving certain problems in high-dimensional lattices. This family includes CRYSTALS-Kyber (now ML-KEM) for key encapsulation and CRYSTALS-Dilithium (now ML-DSA) for digital signatures, which NIST has standardized as FIPS 203 and FIPS 204.
- Hash-based cryptography: These schemes build security purely on the strength of cryptographic hash functions and are primarily used for digital signatures. The SPHINCS+ algorithm (now SLH-DSA) is a prominent example.
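To make "security purely on the strength of a hash function" concrete, here is an added example (not code from the post or from any partner IP) of the simplest hash-based signature, a Lamport one-time signature over SHA-256. SLH-DSA and the stateful XMSS/LMS schemes listed later on this page layer Merkle trees on this same idea so that one public key can sign many messages; the one-time restriction shown in the comments is the reason those schemes need state or a few-time variant.

```python
import hashlib
import secrets

N = 256                                  # digest bits; one preimage pair per bit


def H(data: bytes) -> bytes:
    """The only primitive the scheme relies on (SHA-256 here)."""
    return hashlib.sha256(data).digest()


def keygen():
    """Secret key: 2*N random 32-byte preimages (a 'zero' and a 'one' value
    per digest bit). Public key: the hash of every preimage."""
    sk = [(secrets.token_bytes(32), secrets.token_bytes(32)) for _ in range(N)]
    pk = [(H(a), H(b)) for a, b in sk]
    return sk, pk


def _bits(d: bytes):
    """Big-endian bit list of a 32-byte digest."""
    return [(d[i // 8] >> (7 - i % 8)) & 1 for i in range(N)]


def sign(sk, msg: bytes):
    """Reveal, for each bit of H(msg), the preimage matching that bit.
    One-time only: a second signature under the same key reveals both
    preimages for every bit where the two digests differ, which is why
    XMSS/LMS must track state and SLH-DSA uses a few-time variant."""
    return [sk[i][b] for i, b in enumerate(_bits(H(msg)))]


def verify(pk, msg: bytes, sig) -> bool:
    """Hash each revealed value and compare with the public-key half the
    digest bit selects. No number theory is involved, so Shor's factoring
    and discrete-log attacks do not apply; Grover only gives the generic
    square-root speedup against the hash."""
    if len(sig) != N:
        return False
    ok = True
    for i, (s, b) in enumerate(zip(sig, _bits(H(msg)))):
        ok &= secrets.compare_digest(H(s), pk[i][b])
    return bool(ok)


if __name__ == "__main__":
    sk, pk = keygen()
    msg = b"constructed sample: firmware image v1"
    sig = sign(sk, msg)
    print(verify(pk, msg, sig), verify(pk, msg + b"!", sig))   # True False
```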
NIST standardization is a critical step: it gives the industry a trusted set of algorithms to adopt, ensuring future interoperability and security.
Why FPGAs for PQC
Unlike traditional CPUs or ASICs, FPGAs offer a perfect balance of performance and flexibility and are uniquely suited to the challenges of PQC implementation.
- Parallelism: Many PQC algorithms are computationally intensive and require a high degree of parallel processing. An FPGA's configurable logic blocks let designers build dedicated hardware accelerators that perform many operations simultaneously, a significant advantage over a general-purpose CPU, which must execute instructions sequentially.
- Reconfigurability: The PQC standards are still evolving, so the ability to update hardware in the field is a major benefit. FPGAs can be reconfigured to support new standards, tweak algorithms or patch security vulnerabilities, providing crypto agility that fixed-function ASICs cannot offer.
- Security: Microchip FPGAs provide a superior security foundation for PQC by offering stronger protection against physical and side-channel attacks than software-based solutions. PolarFire® FPGAs employ a "defense-in-depth" strategy that features layered JTAG security, combining static JTAG Locks to prevent unauthorized access with a dynamic JTAG Security Monitor that detects suspicious probing or unauthorized state transitions in real time. Upon detecting a threat, the system can trigger immediate tamper responses, such as key zeroization or device lockdown, to ensure PQC assets remain protected even under physical scrutiny. Furthermore, Microchip includes a pass-through license from Rambus for the DPA patent portfolio with "S" (Data Security) devices. This enables customers to implement high-speed, DPA-resistant cryptographic functions in the FPGA fabric or SoC application without the need to negotiate a separate license, providing a cost-effective and streamlined path for high-performance, quantum-safe hardware.
Microchip Partner-Powered PQC Solutions
We have built a strong partner ecosystem to offer customers a wide range of verified and secure PQC solutions on our FPGAs. These partnerships accelerate PQC adoption by providing ready-to-integrate IP cores and software libraries for Microchip FPGAs.
| Partner | Core Focus | PQC Algorithm Support | Unique Hardware/Security Value | Key Compliance | Optimization | Microchip FPGA Platform |
|---|---|---|---|---|---|---|
| | HW/SW Codesign | ML-KEM/DSA (Lattice); Hash | 90-99.99% HW performance; First-order DPA Protection | | High vs. Low-End Versions; CPU offload | PolarFire FPGAs and SoC FPGAs |
| | Certifiable SW Libraries | ML-KEM/DSA, SLH-DSA (NIST Finalists) | IoT Optimized (6x-11x smaller RAM); Constant-time execution | | Low-memory footprint (<16KB) | PolarFire FPGAs and SoC FPGAs |
| | Pure RTL Logic | ML-KEM/DSA (FIPS 203/204 compliant) | No CPU/SW components; Protection against timing-based SCA | PQC algorithms standardized by NIST | Optimized for Compact, Balanced, or High-speed; Minimal resource usage | PolarFire FPGAs and SoC FPGAs |
| | HW Accelerator | KiviPQC-Box (ML-KEM and ML-DSA, FIPS 203/204) | Hardware offloading for PQC math; Hardened against timing-based SCA | Compliant with NIST FIPS 203 and FIPS 204 | Offered in Tiny (e.g., 6,143 LUTs) and Fast versions | PolarFire FPGAs |
| | Silicon IP | ML-KEM, ML-DSA (NIST); XMSS/LMS (Stateful Hash) | DPA/SCA Countermeasures (Hardened); Programmable Quantum Safe Engine | FIPS 140-3 Compliant designs; CNSA 2.0 and ISO 26262 ready | Configurable IP Cores (IoT to Data Center); Inline Memory Encryption | PolarFire FPGAs (DPA Licensed) |
Through these partners, Microchip gives customers access to a rich and diverse set of verified PQC solutions, optimized for Microchip FPGAs, helping them transition quickly and confidently to a quantum-safe world.
To help you navigate the transition to quantum-safe security, we have collaborated with industry leaders to provide in-depth technical training and hardware demonstrations:
- Standardization and RISC-V: Watch Alan Grau from PQShield discuss the newly finalized NIST PQC standards and what developers need to know about implementing them on RISC-V architectures.
- Hardware Acceleration: Discover how PQSecure delivers efficient, high-performance PQC IP specifically optimized for the small footprint and low power of PolarFire SoC FPGAs.
- IP Integration: Join Dr. Reza, CEO of PQSecure, for a technical look at integrating PQC hardware IP into your design to safeguard your hardware against future threats.
- Hands-on Training: Explore our Mi-V Unleashed series featuring the PQSLIB3 library from PQShield, designed to jumpstart your post-quantum development.
Figure 1: Quantum-Proof your data: The PQC transition with Microchip FPGAs
A Future Secure Foundation
The quantum threat is real, and the time to prepare is now. The combination of post-quantum cryptography and our robust FPGA platforms, supported by a world-class partner ecosystem, provides a powerful and comprehensive solution to this cybersecurity problem.
A new class of algorithms, post-quantum cryptography (PQC), is designed to be secure against both classical and quantum computers. Enabling these new solutions requires a robust and adaptable hardware platform. Microchip FPGA-based platforms fit this role because of their unique combination of performance, flexibility and security, providing a future-proof foundation for implementing these vital PQC solutions.
By leveraging the performance, flexibility and security of Microchip FPGAs, developers can implement future-proof PQC solutions that protect sensitive data from both today's and tomorrow's threats. The wealth of verified partner solutions enables this transition to not only be possible but also practical. Proactive security is the key to a safe and prosperous digital future, and it will be built on a foundation of strong industry collaboration. We encourage you to explore the PQC solutions offered by Microchip's partners and begin designing with these future-proof technologies.
The time for action is now. To begin designing your quantum-safe system, explore our partner solutions using the IP Search tool and leverage the Mi-V Ecosystem for seamless integration with PolarFire SoC FPGAs. For more guidance on your crypto-agility strategy or system migration, please contact our experts directly at fpgamarketing@microchip.com.