SemiWiki.com - Podcast EP285: The Post-Quantum Cryptography Threat and Why Now is the Time to Prepare with Michele Sartori

Episode Date: April 25, 2025

Dan is joined by Michele Sartori – senior product manager at PQShield. Michele is a software engineer in Computer and Network Security, specializing in product management. He is a passionate tech team leader at the forefront of emerging technologies focused on achieving tangible results. In this highly informative discussion, …

Transcript
Starting point is 00:00:00 Hello, my name is Daniel Nenni, founder of SemiWiki, the open forum for semiconductor professionals. Welcome to the Semiconductor Insiders podcast series. My guest today is Michele Sartori, Senior Product Manager at PQShield. Michele is a software engineer in computer and network security, specializing in product management. He's a passionate tech team leader at the forefront of emerging technologies, focused on achieving tangible results. Welcome to the podcast, Michele. Thank you. Good to be here. First, can you tell me how you got your start in the semiconductor industry? Yes, so I've been working in security
Starting point is 00:00:45 for more than 10 years now, starting with a strong technical foundation. At first, I was in applied cryptography and then in embedded systems and the semiconductor industry. So for me, it's where the tech meets strategy, and that's exactly where I want to be. And what brought you to PQShield? So the major reason for PQShield is that I can help define and deliver post-quantum
Starting point is 00:01:17 cryptographic solutions. So here at PQShield, we are delivering products that are not just secure, but they are really at the forefront of the mathematical research. So it's a really passionate environment to work in. So let's talk about that a little bit more. You know, quantum computing is still in development, but its impact on cryptography is already a concern. What makes this an issue today rather than a problem for tomorrow? So the risk is not theoretical anymore. Quantum computers will eventually break traditional public key cryptography like RSA and elliptic curves. What we call Shor's algorithm makes that possible, and once quantum computers
Starting point is 00:02:08 arrive, everything relying on these schemes will be exposed. NIST has already set a deadline. Traditional public key cryptography is being phased out starting from 2030. That's only five years away. And here's the catch. Even if powerful quantum machines don't exist yet, attackers can already collect encrypted data today and decrypt it later when the tech is ready. That's called store now, decrypt later. Sensitive data with long lifespans, like contracts, medical records, or government archives, is already at risk. We can't afford to wait. Migration takes time, and if the data lifespan plus the migration effort is longer than the time it takes for quantum to break current crypto, it's game over. This is the essence of Mosca's theorem. At PQShield, we are not just watching this unfold.
Starting point is 00:03:11 We are actively working with governments, standardization bodies, and major tech companies to make sure that your security plans reflect this very real threat. Wow, that is concerning. Post-quantum cryptography is fundamentally different from classical cryptography. What are the main challenges organizations face when deploying it? Yeah, post-quantum cryptography is not just plug and play.
Starting point is 00:03:38 The algorithms are heavier. It means bigger keys, bigger signatures, more memory usage and more compute. You can't just swap them in and expect everything to work the same. That brings up three main challenges, let's say. The first one, performance. Many post-quantum cryptographic algorithms demand more CPU cycles and also additional memory, which is not ideal for constrained environments. The second challenge is the integration.
Starting point is 00:04:12 Existing software and hardware stacks were not built for this. So upgrading crypto libraries across an enterprise will not be trivial. And the third one for sure is security. So a lot of early PQ crypto code is working, is functional, but not yet hardened. So it does not protect against side channel attacks,
Starting point is 00:04:36 fault injections, or other real world threats. Many cryptographic libraries in use today have not even started integrating post-quantum crypto, so the application layer, databases, VPNs, authentication systems are far from ready. That's where PQShield comes in. We provide optimized secure-by-design implementations, from software libraries to hardware IPs, that not only meet NIST standards but are built with resilience against real attacks, as I said, side channel or timing attacks or fault injections. Okay, so how I understand it is cryptographic challenges remain the same, you know,
Starting point is 00:05:21 secure communication, data protection, authentication. So why is this transition necessary? Yeah, first of all, you're right. The use cases have not changed. You still need cryptography to secure communications, to protect data, to authenticate the user, or a set of users, or to sign documents. What is changing is the underlying math, the magic. We are moving from algorithms that have worked for decades
Starting point is 00:05:49 to new ones that are quantum safe, but come with trade-offs. They are newer, bigger, slower, and less battle-tested. So this impacts different sectors in different ways. For example, cloud providers. Cloud providers rely on hardware security modules, HSMs. With post-quantum crypto, those HSMs become a bottleneck. To maintain the current output, you need to buy more HSMs, which is expensive and does not scale.
Starting point is 00:06:22 So, for example, we have a solution for that, which is called PQPerform, which addresses this with optimized acceleration that avoids infrastructure bloat. Another example, the industrial and automotive sectors. So here the devices need to be secure for 20 to 30 years, but cannot afford increased memory or power use. So replacing these devices is not an option. For that, our lightweight PQCryptoLib Embedded helps these legacy devices become quantum resistant
Starting point is 00:07:00 without having to redesign the hardware or recall the devices. And another example is the high assurance sector. So think about banking, defense, national infrastructure. So these sectors cannot tolerate weak side channel attack protections. We built in security from day one, so our solutions are ready for deployment in critical environments. Right.
Starting point is 00:07:29 So adopting new cryptographic standards is going to require global alignment. How are organizations ensuring compatibility and compliance with emerging post-quantum standards? So the good news is that the standardization process is well underway. NIST announced the first post-quantum crypto standards in 2024.
Starting point is 00:07:52 So we have now ML-KEM for key exchange. We have ML-DSA and SLH-DSA for digital signatures. We have XMSS and LMS for stateful hash-based signatures, and soon we will have FN-DSA because it's the next in line. So this is not just academic; regulatory pressure is coming. So by 2030, as I mentioned before, critical infrastructure will be required to use quantum resistant cryptography. So, organizations need to plan for compliance now, not just for technical reasons,
Starting point is 00:08:33 but to avoid disruption when these standards become mandatory. So, PQShield is directly involved in these standardization discussions. We built to spec from day one and our solutions are ready to roll out as soon as customers need them. And the answer is now. Right. Well, that's good to know. So, Michele, final question. What are the key steps organizations should take to prepare for post-quantum cryptography? There is a clear three-step plan. So the first step is crypto discovery.
Starting point is 00:09:10 Start by identifying where cryptography is used in your system. So whether the crypto is in apps, in databases, in hardware, in communication protocols, because most companies underestimate how deeply crypto is embedded in their stack. The second step is crypto remediation. So once you know where the cryptography is used, prioritize what needs to be updated. Focus on high-risk areas first. You'll need to pilot post-quantum crypto solutions, check performance impact, and identify blockers, like resource constraints or missing vendor support. And then the step number three,
Starting point is 00:09:52 which is in some cases the hardest, which is scaling in a secure fashion. You cannot just deploy post-quantum crypto and walk away. Post-quantum cryptography needs to be tested under real world conditions in terms of performance, in terms of interoperability, in terms of security, and you want to be sure that your crypto does not create new problems, for sure. So PQShield provides the tools and the know-how to get this done. We help businesses move from discovery to deployment and then to scale with minimal friction so they can get quantum safe before the threat gets real. Great.
Starting point is 00:10:36 Thank you very much, Michele, for your time. Great conversation. And I look forward to talking to you again. Thank you. Goodbye. That concludes our podcast. Thank you all for listening and have a great day.
