Future-proof security solution: Infineon launches world’s first TPM with a PQC-protected firmware update mechanism

Quantum computing is expected to have a significant impact on cybersecurity, specifically on the confidentiality of encrypted data and on the integrity of digital signatures. To address these challenges, Infineon Technologies AG (FSE: IFX / OTCQX: IFNNY) is taking security to the next level with the new OPTIGA™ TPM (Trusted Platform Module) SLB 9672, a future-proof security solution with a post-quantum cryptography (PQC) protected firmware update mechanism using XMSS signatures.

This mechanism counteracts the threat of firmware corruption by attackers with access to quantum computers and increases long term survivability of the device by enabling a quantum-resistant firmware upgrade path. The standardized, out-of-the-box TPM provides a solid foundation for securely establishing the identity and software status of PCs, servers, and connected devices, and for protecting the integrity and confidentiality of data at rest and in transit.

Infineon’s latest addition of the OPTIGA TPM family is the industry’s first TPM to offer a firmware update mechanism with a 256-bits key length, along with an additional check based on PQC. With this strong and trusted update mechanism, the OPTIGA TPM SLB 9672 can still be updated if the standard algorithms are no longer trusted. Its design is engineered for improved computing performance with fail-safe features that counteract the effects of corrupted firmware. For instance, built-in fail-safe features enable TPM firmware recovery in accordance with the NIST SP 800-193 Platform Firmware Resiliency Guidelines.

This TPM also provides an expanded non-volatile memory to store new features such as additional certificates and cryptographic keys. Security evaluation and certification are performed by independent bodies according to the Common Criteria and FIPS requirements. The new TPM also fully complies with the Trusted Computing Group (TCG) requirements (TPM 2.0 standard version 1.59) and is certified according to the latest TPM 2.0 standard.

Featuring a standardized trust base, as well as various tools to support design activities (software/demo boards), this TPM enables easy integration with host software. It also supports the latest versions of Windows and Linux. Furthermore, the chip boasts an extended temperature range of -40°C to 105°C. Infineon is committed to the long-term availability of OPTIGA TPM SLB 9672 for a minimum of ten years and offers tailored support and maintenance through the Infineon Security Partner Network (ISPN). With this long-term commitment, customers can not only rely on the TPM’s continued availability but also on Infineon’s support.