The development of powerful quantum computers is considered a technological milestone, but at the same time poses a fundamental threat to established security mechanisms. Methods such as RSA or ECC, on which large parts of today’s digital security are based, could be compromised by quantum algorithms in the future. Against this backdrop, post-quantum cryptography (PQC) is gaining strategic importance – not only for data centres and cloud infrastructures, but increasingly also for networked end devices.
A new partnership between Samsung System LSI and Thales marks a technological turning point in this area: for the first time, quantum-resistant cryptography is being implemented directly in an embedded secure element (eSE) that can be accommodated even in very small, resource-constrained devices.
Why post-quantum cryptography is relevant now
Sensitive data is already potentially at risk today, even though it is currently still encrypted. The ‘harvest now, decrypt later’ scenario describes a real threat: attackers can collect and archive encrypted information in order to decrypt it later with the help of quantum computers. This affects personal data as well as information from critical infrastructures or industrial systems.
This is where post-quantum cryptography comes in. It is based on new mathematical methods that are resistant to both classic attacks and future quantum attacks. The aim is to ensure the confidentiality, integrity and authenticity of digital information in the long term – over decades.
From the cloud to the edge: a technological breakthrough
Until now, the use of PQC has been largely limited to high-performance environments such as data centres or cloud platforms. The reason: the algorithms require high computing power, memory and energy. For many end devices – for example, in the IoT, industrial or medical technology environments – this has not been practical until now.
The solution now being introduced breaks through this limitation. Samsung has integrated two dedicated hardware accelerators into its new S3SSE2A eSE chip, which are specifically designed for PQC operations. This allows cryptographic processes to be executed many times faster than with purely software-based implementations, while consuming significantly less energy.
Thales supplements this hardware with a specially optimised secure operating system and corresponding cryptographic libraries. The software is designed for minimal memory and power consumption and offers integrated protection mechanisms against side-channel and timing attacks. The result is a close integration of hardware and software that addresses security, performance and energy efficiency in equal measure.
The importance of quantum-resistant security at the edge of the device
With the integration of PQC directly into a secure element, a previously centralised security approach is shifting to the edge of the network. Authentication, encryption and key management can be performed directly in the device itself – without dependence on external systems or a permanent cloud connection.
This is a decisive advantage for an increasingly networked world. Whether consumer goods, industrial controls or medical devices: they all process sensitive data and often have to operate under tight energy and latency constraints. Hardware-based PQC gives even the smallest devices a level of security that was previously reserved for large IT systems. At the same time, the protective effect remains in place from the moment the device is first started up and is equipped to withstand new attack scenarios in the long term.
Standards, certifications and crypto agility
The joint solution is based on the current recommendations of the US National Institute of Standards and Technology (NIST) for post-quantum cryptography. This includes support for the ML-KEM algorithm (FIPS 204). A key architectural feature is what is known as crypto agility: Algorithms can be updated or replaced without having to replace the hardware – a crucial factor in view of evolving standards.
In addition, the Secure Element is designed for high security certifications, including Common Criteria EAL6+. It thus offers effective protection against both physical tampering attempts and sophisticated cyber attacks – today and in the future quantum era.
Outlook: PQC as the new industry standard
For Samsung System LSI and Thales, this development represents a first step towards bringing post-quantum cryptography from specialised IT environments to the mass market. The availability of quantum-resistant security directly at the edge of the device could become a new standard – especially in areas where long-term data security and regulatory requirements play a central role.
This makes PQC not only a response to future threats, but also a strategic building block of modern security architectures designed to protect digital identities, data and systems for many years to come.
