Three demonstrators

Post-quantum schemes are implemented on different platforms and validated in three application domains — each with partners whose products remain in use for more than 15 years.

Automotive

Quantum-resistant PKI for vehicle ECUs, over-the-air updates and secure vehicle communication. Focus on long-lived embedded systems and seamless migration without production downtime.

BMW · Bosch · ETAS · NXP

Industry 4.0

PQC integration in M2M communication and OPC UA for production plants. Hybrid certificates enable parallel operation of classical and post-quantum-secure channels in cyber-physical systems.

Robert Bosch GmbH · Fraunhofer AISEC

Trust services

PKI operation by trust service providers with hybrid X.509 certificates. Certificate issuance, validation and revocation across the full lifecycle — backwards compatible with existing infrastructures.

D-Trust · Deutsche Telekom Security

Hybrid PKI architecture

Core innovation of FLOQI: a PKI that simultaneously supports classical and post-quantum algorithms — instead of forcing a big-bang switch.

Technical milestones

  1. Hybrid X.509 certificates Development of certificate formats combining classical and PQC signatures in one chain — validated in TLS 1.3 (ASIA CCS 2022).
  2. Parallel deployment Procedures for simultaneous operation of conventional and quantum-resistant PKIs without downtime.
  3. TPM-based PQC Case study on quantum-resistant, mutually authenticated TLS in IoT environments with trusted platform modules (ARES 2021).
  4. OPC UA integration Post-quantum security for industrial IoT via hybrid OPC UA (ETFA 2020).
  5. Standards contribution Results feed into IETF, ETSI and NIST contexts for post-quantum migration.
Illustration: security and encryption

Related projects

Further BMBF projects in the "Post-Quantum Cryptography" funding programme:

External reference project: MTG AG — PQC-PKI demo

Publications on these results →