Quantum computing is becoming a near-future reality that demands action today. As government regulators set
aggressive timelines, product designers face the challenge of securing devices that will remain in the field for
decades. At NXP, we’ve embedded Post-Quantum-Cryptography (PQC) into our security architecture as a foundational
element. This article explores how NXP’s portfolio enables seamless PQC adoption across new and existing products,
helping you stay compliant, agile and secure from boot to runtime.
Why PQC Matters for Your Business
Quantum computers will soon be able to break traditional cryptography like Rivest-Shamir-Adleman (RSA) and Elliptic
Curve Cryptography (ECC). This means that long-life products must be protected with future-proof cryptography. NXP
integrates PQC directly into its hardware and software to ensure that your products are secure from day one to end
of life.
Migrating to PQC promises to be one of the most complex challenges facing the security industry in the coming years.
Over the last nine-plus years, NXP has been at the forefront of post-quantum cryptographic innovation by designing
the new National Institute of Standards and Technology (NIST) standards and preparing them for real-world embedded
use cases. Today, we are addressing the challenge head-on by integrating PQC into our product portfolio where it
matters most—hardware roots of trust, which help guarantee PQC platform security from the moment a system powers on
until the end of its lifetime, and secure cryptographic libraries to design PQC into any security critical
application.
We will introduce support for PQC into nearly all new product releases, starting with the i.MX 94 and i.MX
95 industrial application processor families, the S32N
vehicle super-integration processors and S32K5 automotive
microcontrollers, as well as higher-end microcontrollers out of the MCX family. Next-generation secure elements, serving the mobile,
Industrial IoT and secure identity markets, will also feature dedicated PQC hardware support and can be included as
a ready-to-use solution for any Integrated Circuit (IC). For existing updatable systems capable of running
post-quantum cryptographic algorithms, software updates will be available to extend their run-time cryptographic
services with PQC.
Explore PQC-secure products across the NXP portfolio. Visit the PQC page to learn how NXP is leading the
way in securing the future.
Global Timelines and Compliance
Governments and agencies worldwide are setting deadlines for PQC adoption, aiming for the majority of the migration
to be complete no later than 2035. For example, the National Security Agency (NSA) requires systems handling
national security information to adopt NIST-approved post-quantum algorithms by 2027, and the EU PQC roadmap
includes a 2030 deadline for high-risk use cases. NXP’s upcoming products and roadmaps are already aligned with
these standards, helping you meet regulatory requirements with ease.
The development of Cryptographically Relevant Quantum Computers continues to pose a threat to traditional
cryptography. This risk has led to the development of PQC algorithms, most notably through the publication of Federal Information Processing
Standards (FIPS) 203-206 by the NIST in the United States. The timely transition towards PQC is a
complex process, but globally, it is strongly recommended by security experts and government and security agencies.
For example, in the National
Security Memorandum (NSM) 10 , the U.S. cites 2035 as the goal year for mitigating the quantum risk as
much as possible. As a result, the NSA released guidelines in the Commercial National
Security Algorithm Suite 2.0 (CNSA 2.0) requiring all new acquisitions of National Security Systems to
be compliant with NIST PQC algorithms by 2027. The tentative
roadmap of the European Commission proposes enabling quantum-safe software and firmware upgrade by the
end of 2030. Meanwhile, the Institute of
Commercial Cryptography Standards in China launched its own global program in 2025 to develop
next-generation algorithms that are secure against quantum computers.
PQC Made Practical with NXP
NXP embeds PQC at the hardware root of trust, enabling secure boot, software or firmware updates and secure
communications for new products designed to resist quantum threats. For existing systems, firmware upgrades can
enhance resilience against quantum attacks. This balanced approach allows original equipment manufacturers (OEMs) to
extend the life and security of existing platforms while preparing for a future with PQC-ready hardware.
The concrete migration timelines outlined by the United States and the European Union have a direct impact on the
development of today’s systems. Already-deployed hardware and software will remain in operation for many years,
particularly in automotive and industrial domains, in which devices may stay active for 20+ years. This implies the
need for cryptographic agility, where systems can be updated and upgraded (e.g., via a firmware or software update)
to improve security functionality as the need arises.
While there are many ways to architect a system, ranging from simple to very complex depending on the application
space, ultimately the security traces back to a hardware Root of Trust. For post-quantum security to be achievable,
it is necessary that the hardware root of trust is PQC secure, as the security and agility of all higher-level
(software) components depend on it.
With the hardware root of trust covered, systems can establish the authenticity and integrity of hardware and
software upon reset. This trustworthy starting point provides the foundation for data encryption and run-time
applications, such as Transport Layer Security (TLS)
1.3 for establishing secure channels to incorporate support for PQC algorithms as well.
Organizations such as the Internet Engineering Task Force (IETF), GlobalPlatform, Global Systems for Mobile
Communications Association (GSMA), International Civil Aviation Organization (ICAO) and many others are actively
developing protocol stacks for many applications to define (hybrid) post-quantum alternatives. The support for such
a wide variety of protocols will require secure and efficient run-time PQC libraries to be provided for developers.
Hybrid Post-Quantum Root of Trust.
For a better experience, download the
image.
NXP’s Portfolio: PQC-ready products
We have designed our security strategy to help ensure long-term security for our products, and PQC plays an important
role to this end. PQC is not an add-on at NXP, it is integrated into our security strategy across our full
portfolio, including industrial, edge, automotive, mobile and secure identity domains. With a unified vision and
forward-looking approach towards adopting PQC, we are simplifying the transition in an already complex migration,
and providing crypto agility where necessary and possible. This ambitious strategy has been years in the making and
is already part of the design of a large portion of systems launching this year and next. With NXP products, the
challenging PQC-adoption timelines—laid out by CNSA 2.0 and the European Union’s PQC Implementation Roadmap—become a
reality.
Hybrid Hardware Roots of Trust for High-Risk, Long-Lifecycle Products
For products whose lifetimes will extend into the era of cryptographically relevant quantum computers, and for which
the risk profile of their application domain is sufficiently high, we will aim to integrate hybrid post-quantum
hardware roots of trust. These combine traditional and quantum-resistant mechanisms, including the use of 256-bit
Advanced Encryption Standard (AES) key lengths and at least 384-bit hash function digest lengths for all critical
assets. We will also offer pre-provisioned public key material compatible with the FIPS 204 standard
Module-Lattice-Based Digital Signature Algorithm (ML-DSA), as well as customer programmable bits for custom PQC key
material (supported by EdgeLock 2GO). Combined with ML-DSA
implementations in immutable memory, these approaches provide post-quantum security for platform and protocol
security features such as secure boot, update and debug. Meanwhile, the hardware root of trust offers post-quantum
security protection from reset all the way to the first instruction that an application executes, and at run-time by
authenticating any attempt to update or to open debug interfaces.
Compliance with the CNSA 2.0 algorithm suite is assured for relevant application domains, including the option to use
Leighton-Micali Signatures (LMS) as defined in the Special Publication 800-208 for secure software or firmware
verification.
Runtime PQC Services for New and Existing Products
For both new and existing products, run-time cryptographic services will be available, making use of the strong key
isolation and physical protection of the Edgelock® Secure Enclave (ELE), Secure Element or Hardware Security Engine
(HSE / HSE2) if available. These services enable secure operations like encryption, authentication and protocol
support during device operation. Firmware upgrades can extend these services to include quantum-resistant
algorithms, enhancing resilience against threats like harvest-now, decrypt-later attacks.
The presence of a Secure Hash Algorithm-3 (SHA-3) hardware accelerator, included on many of the NXP devices, will be
used to significantly improve performance. For very high-security products such as secure elements, additional
dedicated PQC hardware will be included to meet the performance and physical security requirements needed for
security profiles such as Common Criteria Evaluation Assurance Level 6 (EAL6).
Next Steps
Ready to secure your future? Explore NXP’s PQC-ready products or contact our team at pqc@nxp.com to discuss how we can help you future-proof your product roadmap.
