Post Quantum Cryptography in Automotive A Strategy Proposal

Asymmetric cryptography is now in widespread use, but algorithms that are secure today will be broken by the quantum computers of tomorrow. Most of todays and upcoming automotive security measures (e. g. ECU integrity protection, secure onboard communication, V2X, access control etc.) rely on classical cryptography that will be vulnerable. Although a breakthrough in quantum computing might be years away, companies need to prepare for the smooth transition to quantum-secure systems. Finding suitable post-quantum algorithms and migrating to quantum-secure systems can pose many challenges. This presentation aims to facilitate the understanding of challenges in the migration to post-quantum cryptography and describe viable solutions based on existing research. First, post-quantum algorithms and their impact on functions and protocols are analyzed under consideration of ongoing standardization processes and migration research projects. After that, the considerable differences between algorithms based on practical examples and benchmarks on common automotive hardware targets, e.g., Aurix TC375, are described. In the practical examples we focus on the lattice-based algorithms Falcon and Dilithium and briefly point out differences from other mathematical primitives. Furthermore, practical solutions for migration of Public Key Infrastructures (PKIs) are illustrated and respective advantages and disadvantages are discussed. The various categories of crypto agility are presented to highlight the wide scope of methods in this field. At the end, a general strategy for migration is proposed that considers the general uncertainty about the quantum threat by planning ahead and increases the trust in novel post-quantum algorithms by the implementation of suitable solutions. About the Speaker: Dennis Naujoks is a cybersecurity consultant specializing in automotive security at ETAS. He holds a Bachelor's and Master's degree in IT-Security from Ruhr-University Bochum, where he developed a strong foundation in applied cryptography and embedded systems. During his Master's thesis at TÜV IT, Dennis focused on post-quantum cryptography and side-channel analysis—key areas in securing next-generation embedded platforms. Since 2022, he has worked at the intersection of automotive systems and cybersecurity, helping clients navigate complex security challenges in connected and software-defined vehicles.