Infineon TPM features PQC protected firmware update mechanism - Embedded.com

Infineon's latest TPM claims future-proof security with a PQC-protected firmware update mechanism, aimed at attackers who could use a quantum computer to forge the signatures that authenticate TPM firmware updates.

A sufficiently large quantum computer is expected to break the public-key algorithms (RSA and elliptic-curve) on which today's digital signatures rest. Against that backdrop, Infineon Technologies has launched a new trusted platform module (TPM) whose firmware update mechanism is protected with post-quantum cryptography (PQC): updates carry XMSS signatures, a hash-based scheme (RFC 8391) whose security depends only on the underlying hash function rather than on factoring or discrete logarithms.

In the new OPTIGA TPM SLB 9672 module, this mechanism is meant to block a quantum-equipped attacker from loading forged or corrupted firmware onto the TPM. Infineon said this increases the long-term survivability of a device by giving it a quantum-resistant firmware upgrade path. The TPM provides an out-of-the-box foundation for securely establishing the identity and software state of PCs, servers and connected devices, and for protecting the integrity and confidentiality of data at rest and in transit.

Infineon OPTIGA TPM SLB 9672 (Image: Infineon Technologies)

The company said the new module is the industry's first TPM to offer a firmware update mechanism with a 256-bit key length, together with an additional check based on PQC. Because the XMSS check stands independently of the classical signature, the TPM can still be updated securely if the standard algorithms are no longer trusted. One caveat for practitioners: XMSS is a stateful scheme, so the signer must track which one-time key index has already been used and never reuse it; that burden falls on Infineon's signing infrastructure, while the TPM only verifies. The design also includes fail-safe features so that corrupted firmware does not leave the device unrecoverable: built-in recovery enables TPM firmware to be restored in accordance with the NIST SP 800-193 Platform Firmware Resiliency Guidelines.
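The two properties a firmware verifier cares about, that a tampered image is rejected while the device keeps its current image and that a hash-based one-time key never signs twice, are shown below. This is an added example, not Infineon's code and not XMSS itself: XMSS chains many WOTS+ one-time keys under a Merkle tree and tracks a leaf index, whereas this uses the simpler Lamport one-time scheme over SHA-256 to make the same points. The firmware bytes, keys and the `apply_update` policy function are constructed here for illustration.

```python
"""Hash-based one-time signature check for a firmware update (added example).

Not Infineon's code and not XMSS: XMSS (RFC 8391) chains many WOTS+ one-time
keys under a Merkle tree and tracks a leaf index. This shows the underlying
idea with the simpler Lamport scheme over SHA-256, plus the two properties a
firmware verifier cares about: a forged or tampered image is rejected and the
device keeps its current image, and a one-time key must never sign twice.
Firmware bytes and keys below are constructed for the demonstration.
"""
import hashlib
import hmac
import secrets

N = 32          # SHA-256 output and per-secret length in bytes
BITS = 8 * N    # one secret pair per bit of the message digest


def _h(data: bytes) -> bytes:
    return hashlib.sha256(data).digest()


def _bit(digest: bytes, i: int) -> int:
    return (digest[i // 8] >> (7 - i % 8)) & 1


def keygen(rng=secrets.token_bytes):
    """Lamport key pair: 256 secret pairs; the public key is their hashes."""
    sk = [(rng(N), rng(N)) for _ in range(BITS)]
    pk = [(_h(a), _h(b)) for a, b in sk]
    return sk, pk


class OneTimeSigner:
    """Signer side. Each signature reveals half of the secrets, so a second
    signature with the same key leaks enough to forge; the flag enforces the
    one-time rule that XMSS enforces with its persistent leaf index."""

    def __init__(self, sk):
        self._sk = sk
        self.used = False

    def sign(self, image: bytes) -> bytes:
        if self.used:
            raise RuntimeError("one-time key already used; refusing to sign")
        self.used = True
        d = _h(image)
        return b"".join(self._sk[i][_bit(d, i)] for i in range(BITS))


def verify(pk, image: bytes, sig: bytes) -> bool:
    """Verifier side (what the TPM would do): hash each revealed secret and
    compare with the public-key half selected by the digest bit."""
    if len(sig) != BITS * N:
        return False
    d = _h(image)
    ok = True
    for i in range(BITS):
        piece = sig[i * N:(i + 1) * N]
        ok &= hmac.compare_digest(_h(piece), pk[i][_bit(d, i)])
    return ok


def apply_update(current: bytes, candidate: bytes, sig: bytes, pk) -> bytes:
    """Fail-safe update: install the candidate only if its signature verifies,
    otherwise keep running the current image."""
    return candidate if verify(pk, candidate, sig) else current


if __name__ == "__main__":
    # Constructed sample images, not real TPM firmware.
    fw_v1 = b"demo-tpm-fw v1.0 " + bytes(range(64))
    fw_v2 = b"demo-tpm-fw v2.0 " + bytes(range(64, 128))

    sk, pk = keygen()
    signer = OneTimeSigner(sk)
    sig_v2 = signer.sign(fw_v2)

    print("genuine v2 accepted:", apply_update(fw_v1, fw_v2, sig_v2, pk) == fw_v2)
    tampered = fw_v2[:-1] + bytes([fw_v2[-1] ^ 0x01])
    print("tampered v2 rejected, v1 kept:", apply_update(fw_v1, tampered, sig_v2, pk) == fw_v1)
    try:
        signer.sign(fw_v1)
    except RuntimeError as e:
        print("second signature refused:", e)
```

The verifier's work is 256 hash computations and constant-time comparisons, which is why hash-based verification suits a constrained device; the cost of the scheme is on the signer, which must keep state (here a single flag, in XMSS a leaf counter that must survive across signing sessions).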

The TPM also provides expanded non-volatile memory for storing additional certificates and cryptographic keys. Security evaluation and certification are performed by independent bodies against Common Criteria and FIPS requirements. It complies with the Trusted Computing Group (TCG) TPM 2.0 Library Specification, revision 1.59, and is certified against that version of the standard.

With a standardized trust base and design-support tools such as software and demo boards, the TPM is intended for straightforward integration with host software, and it supports the latest versions of Windows and Linux. The chip is specified for an extended temperature range of -40°C to 105°C, and Infineon said long-term availability is a minimum of ten years, with tailored support and maintenance offered through its Infineon Security Partner Network (ISPN).
