Driven by advancements in cryptographic research and the need for stronger security measures, the National Security Agency (NSA) introduced the Commercial National Security Algorithm Suite 2.0 (CNSA 2.0) to establish a set of quantum-resistant cryptographic standards. The NSA is now urging data center and computing markets to become post-quantum ready within the next two years. To help system architects meet evolving security demands, Microchip Technology has developed its MEC175xB embedded controllers with embedded immutable post-quantum cryptography support.
As a standalone controller, the MEC175xB family employs a modular approach for developers to efficiently adopt post-quantum cryptography, helping ensure long-term data protection without compromising existing functionality. These low-power controllers are designed with National Institute of Standards and Technology (NIST) approved post-quantum cryptographic algorithms, configurable secure boot solutions and an advanced Enhanced Serial Peripheral Interface (eSPI).
“As the significance of potential, future attacks on cryptography using quantum computing is understood more widely, the cybersecurity landscape is already undergoing substantial transformations,” said Nuri Dagdeviren, corporate vice president of Microchip’s security products business unit. “Our MEC175xB controllers, featuring quantum-resistant cryptography implemented in immutable hardware with efficient power management, are designed to equip our customers with the tools they need to navigate increasingly complex digital security requirements.”
MEC175xB controllers incorporate CNSA 2.0-compliant Module-Lattice-Based Digital Signature Algorithms (ML-DSA), Merkle stateful hash-based Leighton-Micali Signature (LMS) verification and Module-Lattice-Based Key-Encapsulation Mechanism (ML-KEM) standardized by NIST. These new algorithms with quantum attack resistance are implemented in immutable hardware to block attack paths possible on software implementations.
The controllers feature secure boot and secure firmware update schemes configurable to use either CNSA 1.0 or 2.0 or hybrid-based signature verification. Attestation capabilities use ML-DSA for signing and key generation to enhance system integrity and authenticity. At the core is an Arm Cortex-M4F processor with a Memory Protection Unit (MPU) running at 96 MHz to deliver high performance for complex computations and real-time applications. The controllers include 480 KB of SRAM, I3C host and client interfaces and an optional USB 2.0 Full-Speed interface for versatile connectivity.
