Infineon Technologies, the German Federal Printing Office (Bundesdruckerei) and the Fraunhofer Institute for Applied and Integrated Security (AISEC) have developed a demonstrator for an electronic passport that meets the security requirements of the quantum computing era (Post Quantum Cryptography or PQC).
"We are launching the encryption procedures which will be needed to repel quantum computer attacks of tomorrow," said Maurizio Skerlj, Vice President and head of Infineon’s Identity Solution Product Line. "Working together we have succeeded in efficiently implementing quantum-resistant encryption procedures and making them available for use in practice."
The heart of the demonstrator is a security controller from Infineon which protects data from both conventional attacks and attacks that use quantum computers.
Commenting Dr Manfred Paeschke, Chief Visionary Officer at Bundesdruckerei, added, “Our solution shows how durable ID documents can be protected from attacks by quantum computers while at the same time compatibility with existing systems is preserved.”
Fraunhofer AISEC's Professor Marian Margraf said, "The core of our demonstrator uses the cryptographic methods Dilithium and Kyber, which the US national standardisation institute NIST selected in July 2022 after a worldwide competition for post-quantum cryptography. Based on that, we developed protocols for the passport that were then subjected to a further independent security evaluation."
The demonstrator shows a solution for contactless data transfer between the ePass and the border checkpoint terminal. The solution is based on a quantum computer-resistant version of the Extended Access Control (EAC) protocol and also secures biometric data during authentication.
The system was created under the leadership of Fraunhofer AISEC in the joint research project "PoQuID", funded by the German Federal Ministry for Economic Affairs and Climate Action (BMWK). The security methods tested in the project are compatible with established structures and can also implement quantum-resistant encryption. In the process, much emphasis was placed on participation in international standardization bodies in order to ensure that the solution can also be implemented worldwide.