Cryptography and quantum computing
Once considered science fiction, Quantum Computing (QC) appears set to make its entrance in the coming decade. While current Quantum Computers have very limited functionalities, they are very much real, and by some estimations will be broadly used in several industries by the mid-2030s. Google claims it already possesses a quantum processor capable of quickly performing calculations that were previously only possible in a huge amount of time.
It is not far-fetched to surmise that in the foreseeable future, quantum computers might take an active role in technological applications. At first, only world powers and giant organizations (such as Google, Amazon, etc.) will possess large-scale, fully operational quantum computers, but later even regular users might have access to quantum computing capabilities, possibly via paid cloud services (some QC services with a very limited capacity are already available).
The effects of quantum computing on cryptography, and hence cyber security, are dramatic. Shor’s algorithm greatly diminishes the number of operations required in order to factorize large numbers, effectively rendering the most popular asymmetric cryptography schemes – RSA and ECC – unsecure. Grover’s algorithm significantly reduces the effectiveness of symmetric schemes, such as AES, requiring developers to double the key size to achieve the same level of security. This means that before QC becomes available to potential attackers, systems using RSA or ECC would have to be upgraded to more secure cryptographic schemes (while AES-dependent systems would need to increase the key size). For this reason, we are now witnessing the rise of Post-Quantum Cryptography (PQC) – a group of cryptographic schemes, such as Kyber and Falcon, which are not susceptible to any currently known attacks by QC.
Why vehicles are highly susceptible to quantum computing risks
Modern vehicles are connected to the outside world in many ways and for a variety of reasons. This trend is expected to increase in the coming years, due to the use of new vehicle technologies, for example, vehicle-to-infrastructure and vehicle-to-vehicle communications. Other than external communications, vehicles also possess various interfaces between the different computerized components inside the vehicle (called electronic control units, or ECUs) – all of which require secure passage of information.
Cryptography is widely used throughout the automotive landscape as a means to secure data confidentiality, as well as to authenticate the identity of its origin. Common examples include downloading a firmware update over-the-air (FOTA), remote engine ignition, connecting personal mobile devices to the infotainment unit, secure boot, power grid transactions during EV charging, fleet management and communications between in-vehicle systems.
Although QC affects all modern digital systems, vehicles are more susceptible to the dangers of QC for several reasons:
- Vehicles have a relatively long life cycle. New vehicles entering the market today will stay on the road for approximately 15 years, with the current average age of a passenger car in the US being around 12 years and rising. Electric cars are expected to have even longer life spans.
- ECUs are typically harder to update than personal computers and mobile devices. This is especially true for their cryptographic capabilities, which are often implemented in a dedicated hardware component, called a Hardware Security Module (HSM) or Secure Hardware Extension (SHE), making it impossible to change the cryptographic schemes without a change of hardware. Some ECUs can be updated seamlessly over the air, but many can only be updated in registered service stations using dedicated tools.
- Vehicles are composed of dozens of ECUs (sometimes more than 100), with the number of ECUs constantly rising in recent years. In most cases, several different ECUs will have to be upgraded inside a single vehicle to ensure its safety.
This combination of old software and hardware, longer lifespans than laptops and smartphones as well as the complexity of updating multiple systems, creates a situation where vehicles that are vulnerable to QC-related attacks will likely remain on the streets for years.
Fast forward to 2035: Future attack scenario
As a security researcher, I have learned the value of telling a story. Quite often, a vulnerability will remain unfixed because the developers aren’t convinced that it could have real-world ramifications.
A compelling story can help a client understand the risk potential of a security issue. Equally important, telling yourself a story as a security researcher can guide you towards the more significant issues and research branches. The following future scenario illustrates the chain of events and the potential impact of a QC-enabled attack on a vehicle fleet.
It is the year 2035. “Gamamzone”, the leading cloud services provider, has just launched its online Quantum Computing Services, falling a tad behind “Boogle”, the search engine empire, that launched a similar platform just three months prior. For the low price of $1000 an hour, anyone can run their program on a fully functional remote quantum computer that is able to break any cryptographic scheme within a few hours.
Bobby Malicious, an ill-tempered cyber-terrorist seeking to cause havoc, identifies the FOTA mechanism of old vehicles as a promising attack vector. He targets the 2025 AutoCar Plutonium, an older model that is vulnerable to post-quantum attacks but still has more than 100,000 instances on the road. He manages to gather the necessary funds and utilizes the quantum computer to easily bypass all cryptographic obstacles. Being a former employee of a major automotive cyber security firm, the attacker develops a malicious update and uploads it to all the 2025 Plutoniums with internet connectivity. The attacker now has complete control over tens of thousands of vehicles and is able to remotely immobilize them, or worse – cause them to slam the brakes in mid-drive. For his sinful achievements, Bobby is crowned king of cyber-terrorism, ushering in a bleak era in human history.
While this story is still closer to sci-fi than tomorrow’s news broadcast, many aspects of it might woefully prove to be very real in the not-too-distant future.
Mitigating the quantum computing risk in the automotive landscape
Now that we’ve seen that the danger is real, let’s discuss possible mitigation measures. The naive and more obvious approach to solve this problem would be to replace the cryptographic schemes in the automotive landscape with Post-Quantum Cryptographic (PQC) schemes, both in existing vehicles and those in development.
This approach will surely be adopted in the coming years when PQC will become the new standard (work related to PQC in the automotive landscape is already underway). However, in the meantime, this solution might prove unfavorable for a number of reasons:
- As previously mentioned, in many cases, it might be difficult or even impossible to update existing ECUs to have PQC capabilities.
- HSMs are still not equipped with PQC capabilities (although some architectures have already been proposed). Since vehicles heavily rely on HSMs for cryptography, it would be impossible for some ECUs to have PQC capabilities before HSMs have them.
- PQC schemes are not as well attested as their pre-quantum counterparts, such as RSA and ECC. This means that it is somewhat more probable that the mathematical problems at the basis of the PQC schemes will turn out to be not as difficult as once thought, rendering them unsafe to use. The libraries implementing these schemes haven’t been through the same constant review by cyber security experts, and are more likely to contain vulnerabilities and security issues. PQC schemes are currently under inspection by NIST, but this process is extremely elaborate and is not yet over.
Based on the above, updating the cryptographic components of existing ECUs to PQC and designing new ones with only PQC capabilities is not yet feasible, and is not necessarily the smartest option.
Nevertheless, there are still a number of ways to reduce the security risks presented by QC, until the obvious approach becomes feasible. In the technical sphere, here are a few suggestions:
- Doubling the key size in symmetric cryptographic schemes, such as AES (essentially increasing AES key length to 256 in alignment with NIST recommendations for key length).
- Complementing existing cryptographic schemes with PQC schemes, where possible. In such a scenario, both pre-quantum cryptographic schemes and PQC would have to be compromised for the mechanism to fail. This should be cautiously implemented to avoid a single point of failure.
- In cases where adding PQC schemes is not possible, consider complementing asymmetric cryptographic schemes with symmetric schemes, such as HMAC for authentication.
From an administrative standpoint, awareness of QC risks is paramount for the automotive industry, and should be taken into account when designing a new ECU or vehicle architecture. This would allow vehicle manufacturers to keep QC-vulnerable ECUs away from safety-critical components, reducing the impact QC would have on the vehicle. In parallel, pressure should be put on HSM manufacturers to have automotive-oriented HSMs with PQC capabilities as soon as possible. Moreover, manufacturers should prepare update, upgrade and recall plans in advance to be ready for a potential QC-based attack.
Granted, these are not perfect solutions, but they could significantly soften the blow QC might cause to the vehicle industry.
To recap, current development trends indicate that quantum computers might be coming sooner than you think, and the security implications of this new computing paradigm must be considered.Vehicles use #cryptography extensively for communication and other uses. The relative rigidity of automotive products means there is an urgent need to fit vehicles to the #quantumcomputing era as soon as possible. #cybersecurity #respectdataClick to Tweet
Quantum Computing could significantly impact the automotive industry, as it is more susceptible than other industries to QC-related risks. Accordingly, automotive players should begin to think about the possible effects of Quantum Computing ASAP. New designs should incorporate encryption schemes, functionality, and recovery plans to cope with the arrival of fully functional and attainable quantum computers in the foreseeable future.
 Quantum Cryptographic Threat Timeline
 IBM Quantum
 Kyber – Wikipedia
 Falcon (signature scheme) – Wikipedia
 Average Age of Automobiles and Trucks in Operation in the United States | Bureau of Transportation Statistics
 EV Lifespan: Do They Last as Long as Gasoline Cars?
 Number of automotive ECUs continues to rise
 RUB-Repository – Quantum safe authenticated key exchange protocol for automotive application
 Post-Quantum Secure Architectures for Automotive Hardware Secure Modules
 Post-Quantum Cryptography | CSRC