Optiga TPM future-proofs security with PQC-protected firmware update
Addressing the challenges of quantum computing, namely cybersecurity, specifically on the confidentiality of encrypted data and on the integrity of digital signatures, Infineon Technologies has developed the Optiga TPM (trusted platform module) SLB 9672. It says it is a future-proof security solution with a post-quantum cryptography (PQC) protected firmware update mechanism using XMSS signatures.
The PQC mechanism counteracts the threat of firmware corruption by attackers with access to quantum computers and increases long term survivability of the device by enabling a quantum-resistant firmware upgrade path. The standardised TPM provides a foundation for securely establishing the identity and software status of PCs, servers and connected devices, and for protecting the integrity and confidentiality of data at rest and in transit.
Infineon’s latest member of the Optiga TPM family is also claimed to be the industry’s first TPM to offer a firmware update mechanism with a 256-bits key length, along with an additional check based on PQC. This mechanism allows the Optiga TPM SLB 9672 to still be updated even if the standard algorithms are no longer trusted. The design is engineered for improved computing performance and to counteract the effects of corrupted firmware. For example, built-in, fail-safe features enable TPM firmware recovery in accordance with the NIST SP 800-193 Platform Firmware Resiliency Guidelines.
The TPM also provides an expanded non-volatile memory to store new features such as additional certificates and cryptographic keys. Security evaluation and certification are performed by independent bodies according to the Common Criteria and FIPS requirements. The TPM also fully complies with the Trusted Computing Group (TCG) requirements (TPM 2.0 standard version 1.59) and is certified according to the latest TPM 2.0 standard.
The standardised trust base is accompanied by tools to support design activities (e.g., software and demo boards), this TPM enables easy integration with host software. It also supports the latest versions of Windows and Linux.
The chip has an extended temperature range of -40 to +105 degrees C.
Infineon is committed to the long-term availability of Optiga TPM SLB 9672 for a minimum of 10 years and offers tailored support and maintenance through the Infineon Security Partner Network (ISPN).
The Optiga TPM SLB 9672 is available to order now.
