Paper 2022/635

Post-Quantum Secure Boot on Vehicle Network Processors

Joppe W. Bos, Brian Carlson, Joost Renes, Marius Rotaru, Daan Sprenkels, and Geoffrey P. Waters


The ability to trust a system to act safely and securely strongly relies on the integrity of the software that it runs. To guarantee authenticity of the software one can include cryptographic data such as digital signatures on application images that can only be generated by trusted parties. These are typically based on cryptographic primitives such as Rivest-Shamir-Adleman (RSA) or Elliptic-Curve Cryptography (ECC), whose security will be lost whenever a large enough quantum computer is built. For that reason, migration towards Post-Quantum Cryptography (PQC) is necessary. This paper investigates the practical impact of migrating the secure boot flow on a Vehicle Network Processor (S32G274A) towards PQC. We create a low-memory fault-attack- resistant implementation of the Dilithium signature verification algorithm and evaluate its impact on the boot flow.

Available format(s)
Public-key cryptography
Publication info
Preprint. MINOR revision.
Post-Quantum CryptographyDigital SignaturesSecure BootAutomotive ProcessorsS32G274A
Contact author(s)
joppe bos @ nxp com
joost renes @ nxp com
daan @ dsprenkels com
2022-05-23: received
Short URL
Creative Commons Attribution


      author = {Joppe W.  Bos and Brian Carlson and Joost Renes and Marius Rotaru and Daan Sprenkels and Geoffrey P.  Waters},
      title = {Post-Quantum Secure Boot on Vehicle Network Processors},
      howpublished = {Cryptology ePrint Archive, Paper 2022/635},
      year = {2022},
      note = {\url{}},
      url = {}
Note: In order to protect the privacy of readers, does not use cookies or embedded third party content.