Future-Proof Security Starts Now
Quantum computing is poised to break widely used cryptographic algorithms like RSA and ECC, which protect everything from online banking to government secrets. Post-Quantum Cryptography (PQC) is the next generation of cryptographic algorithms designed to resist quantum attacks. Even before quantum computers arrive, adversaries can harvest encrypted data and decrypt it later, making PQC a critical investment for future-proof security.
We are driving the post-quantum transition with a growing portfolio of PQC-ready hardware, secure provisioning services and crypto-agile architectures and empowering you to meet global standards and accelerate compliance with mandates such as CNSA 2.0, which begins in 2025 and phases in through 2033.
Designing with Post-Quantum Cryptography
To counter quantum threats, the NSA introduced CNSA 2.0, a roadmap for adopting quantum-resistant cryptography. Unlike CNSA 1.0, which used vulnerable public key algorithms, CNSA 2.0 embraces secure methods like lattice-based encryption. Symmetric algorithms such as AES-256 and SHA-2 remain effective with increased key sizes.
Key considerations for transitioning:
- Larger keys and signatures: Post-quantum algorithms demand more storage and bandwidth
- Performance impact: Encryption and verification may slow down, especially on constrained devices
- Protocol compatibility: Bigger cryptographic data can affect network efficiency and require protocol updates
Our PQC Strategy: Built Into the Silicon
We have integrated PQC at the hardware root of trust, enabling secure operations from power-on to end of life. Our approach, which mirrors industry leaders, is to embed quantum-resistant algorithms directly into our product architecture to provide crypto agility and compliance with standards like CNSA 2.0, FIPS 203, FIPS 204 and FIPS 205.
Hardware-based implementations of PQC offer several key advantages:
- Performance Optimization: Hardware accelerators execute cryptographic operations faster and with lower latency than software
- Energy Efficiency: Dedicated cryptographic hardware consumes less power, which is an excellent choice for embedded and battery-powered devices
- Tamper Resistance: Physical hardening protects against probing, fault injection and other physical attacks
- Secure Key Storage: Keys are stored in isolated, non-exportable memory regions, reducing security risk
- Reduced Attack Surface: Hardware minimizes exposure to software vulnerabilities like buffer overflows and timing attacks
- Consistency and Reliability: Predictable timing and behavior help mitigate timing-based side-channel attacks
Trust Shield Family Updates Registration
We are expanding our platform root of trust portfolio with the Trust Shield family, including TS1800 and TS50x controllers designed for post‑quantum‑ready secure boot and platform resiliency aligned with NIST SP 800‑193 and OCP requirements.
We are working with leading industry customers ahead of release, with general availability and TrustFLEX enablement forthcoming. Register to receive updates and request priority access to product resources.
Tools, documentation and TrustFLEX configurations will be available at general availability.
Our PQC-Enabled Products
TS1800 TrustFLEX
Platform Root of Trust Controller
The TS1800 is a high‑end external platform root of trust controller for complex, multi‑component data center systems. It supports hybrid post‑quantum and classical cryptography, aligns with NIST SP 800‑193 and OCP requirements and delivers high performance with an Arm Cortex‑M4F core running up to 192 MHz. USB 2.0, multi‑channel QSPI/SPI support and built‑in lifecycle management enable robust protect, detect and recover capabilities.
TS500 TrustFLEX
Root of Trust IC
The TS500 is a hardware‑based secure boot controller that resides in-line between the SoC and external SPI Flash, holding the system in reset until post‑quantum signature verification succeeds. It supports hybrid PQC and classical cryptography, is compatible with x86‑ and Arm Cortex‑based systems and helps meet NIST SP 800‑193 Platform Firmware Resiliency guidance in a compact 132‑pin DQFN package.
TS501 TrustFLEX
Root of Trust IC with Internal Flash
The TS501 builds on the TS50x secure boot architecture by integrating an internal SPI Flash to simplify system design and reduce external dependencies. It authenticates firmware using hybrid PQC and classical cryptography, holds the SoC in reset until verification completes and supports NIST SP 800‑193‑aligned secure update, rollback protection and crisis recovery in a compact, 132‑pin DQFN package.
MEC175xB Family
Embedded Controllers
The low-power, highly configurable MEC175xB family of embedded controllers is designed for notebook and storage enclosure platforms. It features an Arm® Cortex®-M4F processor, advanced I/O capabilities, secure boot with customizable firmware and robust power management. With support for modern and legacy interfaces, hardware-based PQC and flexible Flash-sharing mechanisms, it enables secure and efficient system control in ACPI-compliant architectures.
MEC1653B
Embedded Controller
The low‑power, highly configurable MEC1653B embedded controller is designed for notebook and client computing platforms. It features an Arm® Cortex®‑M4 processor, rich I/O integration, secure boot with customizable firmware and efficient power management. With support for modern and legacy interfaces, hardware‑based PQC and flexible Flash architecture, it enables secure and reliable system control in ACPI‑compliant designs.
Switchtec® PFX/PSX Gen 6 Fanout PCIe® Switch Family
PCI Express® (PCIe) Switches
The Switchtec PFX Gen 6 fanout PCIe switch family comprises high-reliability PCIe switches supporting up to 160 lanes, 20 ports and 10 stacks; hot-plug and surprise-plug controllers for each port; advanced error containment and comprehensive diagnostics and debug capabilities; a variety of I/O interfaces; and an integrated MIPS® processor, with bifurcation at x8 and x16.
PIC64HX MPU Series
High-Performance 64-bit MPUs
The PIC64HX family of 64‑bit RISC‑V® microprocessors (MPUs) delivers high‑performance compute with integrated, hardware‑anchored security for intelligent edge and industrial applications. Featuring a secure root of trust, advanced isolation technologies, post quantum cryptography and secure key storage, PIC64HX MPUs support Linux®‑based systems, AI workloads and scalable security requirements. Their flexible architecture enables protection of critical assets while supporting modern connectivity and high‑throughput processing.
PIC64-HPSC MPU Series
High-Performance Spaceflight Computing
The PIC64‑HPSC family of high‑performance 64‑bit RISC‑V microprocessors is designed for mission‑critical and high‑reliability systems. It integrates a defense‑grade hardware root of trust with secure and measured boot, post‑quantum cryptography, workload isolation and real‑time monitoring. Built for mixed‑criticality environments, PIC64‑HPSC MPUs provide advanced security, fault management and high compute capability for aerospace, defense and other demanding embedded applications.
Developer Resources and Support
Access PQC documentation, developer tools and secure provisioning services through myMicrochip. Our team is ready to help you future-proof your designs and meet compliance requirements.