HP has launched what it says are the world’s first business-grade PCs designed specifically to protect firmware from quantum-based cyber attacks.
The manufacturer unveiled the launch of the new device range at its annual partner conference in Las Vegas.
Under the plans, selected devices will be upgraded with HP’s Endpoint Security Controller (ESC) chip, offering users the “most advanced security that ensures the manageability and protection of sensitive and regulated data”.
This added layer of protection and security works by isolating the chip from the processor and operating system, according to Ian Pratt, global head of security for personal systems at HP.
HP said the added protection for these devices will become “progressively important” due to an expected increase in quantum computer attacks in the coming years.
“Research shows that 27% of experts think there is a 50% likelihood of a cryptographically relevant quantum computer (CRQC) by 2033. When that day comes, the security of existing digital signatures on firmware and software will be in question and digital trust will dissolve,” Pratt said.
Pratt noted that while software can be upgraded for the age of quantum computing, hardware can’t, presenting enterprises with potential long-term challenges.
“That includes some of the cryptography that protects PC firmware,” he added. “With no cryptographic protections in place, no device would be safe – attackers could access and modify the underlying firmware and gain total control.”
HP noted that the launch of the new quantum mitigation features comes at a critical time for the device manufacturing industry – especially given the pace of development in quantum and the added dynamic of device refresh cycles.
With typical refresh cycles now occurring every three to five years, Pratt said the “migration to post-quantum cryptography must start now”.
“With our 2024 ESC upgrade, the hardware will be in place to protect PC firmware integrity with Quantum-Resistant Cryptography, providing a secure foundation ahead of upgrades to software implementations of cryptography on PCs in future.”
HP move comes amid rising quantum security concerns
Concerns over the potential security risks associated with quantum computing have been rising in unison with the growth of the industry.
The Dutch government has issued guidance on the matter in the form of its Post-Quantum Cryptography (PQC) migration handbook, which called for critical national infrastructure providers to begin efforts to migrate to PQC.
Similarly, the US government has outlined recommendations around migrating to quantum-resistant cryptographic algorithms for firmware signing.
This guidance recommended using quantum-resistant cryptography from 2025 onwards, with a mandatory requirement for these standards by 2030.