Mark Ryan, David Galindo, David Oswald
The goal of FutureTPM is to design a quantum-resistant (QR) Trusted Platform Module (TPM) by designing and developing QR algorithms suitable for integration in a TPM. The algorithm design will be accompanied with implementations and performance and security evaluations, Professor Mark Ryan as well as formal security analyses in the full range of TPM environments: hardware, software and virtual. The lead users will be in the online banking, activity tracking and device management domains, which will provide environments and applications to validate the FutureTPM framework.
Security, privacy and trust in a computing system are usually achieved using tamper-resistant devices to provide core cryptographic and security functions. The TPM is one such device and provides the system with a root-of-trust and cryptographic engine. However, to sustain enhanced security posture, it is crucial that the crypto functions in the TPM are not merely secure for today but will also remain secure in the long-term against quantum attacks.
FutureTPM will address this challenge by providing a new generation of TPM solutions, incorporating robust and provably-secure QR algorithms. Research on QC has drawn enormous attention from governments and industry; if, as predicted, a large-scale quantum computer becomes a reality within the next 15 years, existing public-key algorithms will be open to attack. Therefore, a smooth transition to QR cryptography is required, since history shows that any significant change takes time and requires theoretical and practical research before adoption. A key strategic objective of FutureTPM is to contribute to standardization efforts at EU level within TCG, ISO and ETSI. The consortium consists of high caliber industrial and academic partners from across Europe combining QR crypto researchers with TPM developers. Because the TPM shares many functions in common with other widely-used devices--such as HSMs or TEEs--the FutureTPM solution is expected to benefit them as well.
Project partners include:
- University of Surrey (technical lead)
- Technikon (coordinator)
- University of Luxembourg
- IBM Research
- Royal Holloway, University of London
- Infineon Technologies
- Suite5 Data Intelligence Sollutions
- INESC-ID, Lisbon
- University of Piraeus Research Centre
- Huawei Technologies Dusseldorf
- Viva Payment Services
The University of Birmingham will be contributing research into security requirements and properties, post-quantum cryptography, security verificationa and analysis, and run-time vulnerability analysis.
The FutureTPM project has received funding from the European Union’s Horizon 2020 research and innovation programme under grant agreement No 779391.