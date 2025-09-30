Post Quantum Cryptographic firmware library

With the advent of quantum computers, traditional asymmetric cryptographic algorithms such as RSA, ECC, DH, ECDH, and ECDHE become vulnerable. In response, NIST has selected a new set of algorithms designed to be resistant to quantum computing attacks.

The STM32 post-quantum cryptographic library package (X-CUBE-PQC) includes all the major security algorithms for encryption, hashing, message authentication, and digital signing. This enables developers to satisfy application requirements for any combination of data integrity, confidentiality, identification/authentication, and nonrepudiation.

It includes both the PQC Leighton-Micali signature (LMS) and the extended Merkle signature scheme (XMSS) verification methods, which are used mainly for secure boot code authentication. It also includes the ML-KEM lattice-based algorithm, which can replace the current use of key exchange mechanisms to establish a secret key between two parties. ML-DSA is included for digital signatures. ML-DSA can replace ECDSA, EdDSA, and RSA-PSS in protocols, for instance in high-level applications as a method of authentication, of attestation, or both.

The library includes firmware functions for the STM32H563xx microcontrollers, based on the Arm Cortex‑M33 processor, and all cryptographic functions of STMicroelectronics X-CUBE-CRYPTOLIB.

