Agile, post-quantum secure cryptography in avionics

Abstract

To introduce a post-quantum-secure encryption scheme specifically for use in flight-computers, we used avionics’ module-isolation methods to wrap a recent encryption standard (HPKE-Hybrid Public Key Encryption) within a software partition. This solution proposes an upgrade to HPKE, using quantum-resistant ciphers (Kyber/ML-KEM and Dilithium/ML-DSA) redundantly alongside well-established ciphers, to achieve post-quantum security. Because cryptographic technology can suddenly become obsolete as attacks become more sophisticated, “crypto-agility”—the ability to swiftly replace ciphers—represents the key challenge to deployment of software like ours. Partitioning is a crucial method for establishing such agility, as it enables the replacement of compromised software without affecting software on other partitions, greatly simplifying the certification process necessary in an avionics environment. Our performance measurements (Sect. 5) provide initial evidence that both the memory and cpu performance characteristics of this solution are suitable for deployment in flight-computers. Performance measurements show a memory use of 5 MB of RAM and under 200 KB of stack usage for encryption, compared to a baseline implementation without any encryption; decryption is much more lightweight (under 300 KB RAM overhead, under 100 KB of stack requirement overhead). Generally, the post-quantum algorithms benchmarked where faster than their pre-quantum alternatives; due to the use of hybrid security this leads to a performance overhead of just about 90% compared to the pre-quantum only variant. The implementations benchmarked are optimized for CPU-performance and alternative, lower quality implementations showed much more modest memory requirements, leading us to conclude that there is much room for optimization, targeting use-case specific tradeoffs between memory use and performance.