PQShield Releases Lightweight PQC Library for Embedded Systems

Insider Brief PQShield announced upgrades to its UltraPQ Suite at Embedded World, introducing an embedded post-quantum cryptography (PQC) library with a memory footprint of under 5KB. The updated PQMicroLib-Core enables quantum-resistant cryptography and TLS support for memory-constrained embedded devices through software upgrades rather than hardware changes. The upgrade also adds protections against physical attacks such as differential power analysis and fault injection, addressing new security risks introduced by larger PQC keys. PRESS RELEASE — PQShield, the market leader in post-quantum cryptography (PQC), has announced major upgrades to its UltraPQ Suite, delivering the smallest-ever PQC solution on the embedded market, the world’s first full-stack post-quantum TLS, and all-new protections against physical attacks for embedded devices. Announced at Embedded World in Nuremberg, PQShield’s upgraded PQMicroLib-Core brings quantum-resistant cryptography to embedded devices with a footprint of less than 5KB – the leanest professional-grade PQC solution for memory-constrained devices. Devices used in payments, medical wearables, industrial control systems and networking infrastructure are designed with extremely limited RAM. Yet new and mandatory PQC keys are heavier than existing cryptography, with some implementations requiring 30-40KB of RAM. That may be manageable in servers and laptops, but for microcontroller-based embedded systems with memory budgets measured in tens of kilobytes, they simply do not fit, or necessitate costly hardware upgrades or performance sacrifices. This challenge is especially acute for secure boot, which runs at the earliest stage of device startup with RAM constraints as severe as 8-10KB for the smallest units. Until now, there has been no practical way to implement NIST-standardized PQC within those limits, especially for the 20 billion “brownfield” devices in the field – already-deployed products that can only be upgraded with software. PQShield’s upgraded PQMicroLib-Core is the first practical, production-ready solution that meets those constraints. Its ultra-small 5KB memory footprint – the leanest configuration yet for embedded devices – allows manufacturers to deploy NIST-standardized PQC within their tight RAM budgets without sacrificing performance. It is as much as eight times smaller than other off-the-shelf and open source alternatives. Crucially, it can be integrated into brownfield products as a software-only upgrade. For industrial manufacturers operating at scale, the need to recall or redesign hardware across global device fleets would make the PQC transition commercially unviable. A lightweight, software-based upgrade path preserves product lifecycles and safeguards long-term compliance for long shelf-life products. World-first software stack for TLS and physical attacks This upgrade improves security for TLS – the protocol that protects communication between devices and the cloud. For the manufacturers of connected embedded devices like payment terminals and wearable medical tech, there hasn’t been a clear way to make TLS quantum-secure. The standard cryptography TLS API used for embedded systems, called PSA, wasn’t designed to support PQC – but PSA is vital for ease-of-use and universal portability. PQShield has solved this by creating the first full-stack, drop-in PQC solution for embedded TLS. PQMicroLib-Core has also been integrated with the PSA Certified Crypto API, reinforcing its compatibility with industry-standard embedded security frameworks and simplifying adoption for manufacturers building on PSA-based platforms. By combining PQMicroLib-Core with PSA, for the first time manufacturers can now upgrade to quantum-secure TLS that: Uses standard, portable APIs Can be added to existing hardware through a software update Works within the tight memory limits of embedded devices The upgrade also tackles new risks introduced by post-quantum cryptography. Larger PQC keys can make devices more vulnerable to physical attacks such as differential power analysis (DPA) and fault injection. The risk is higher for high-value devices that are physically accessible, such as telecoms and payments infrastructure. Not all products can afford hardware-based protections, and many brownfield devices still need software upgrades to fix this. The upgraded PQMicroLib-Core product protects embedded devices against these physical attacks, with DPA countermeasures integrated at the software level to eliminate the potential of side-channel attacks. This allows already-deployed devices to attain a high level of defence against physical attacks through software alone, and can also be hard-wired into the silicon of chips in production now. PQShield is already working with major chipmakers and embedded systems manufacturers to support the global adoption of ultra-small PQC, including a new collaboration with STMicroelectronics alongside existing collaborations and projects with Microchip Technologies, Lattice Semiconductor, IAR Systems and many others. PQShield CEO and founder Dr Ali El Kaafarani said: “Post-quantum cryptography is the biggest cybersecurity transition in a generation. It needs to be thorough but also practical, and can’t come at the expense of operational efficiency or good performance. We’ve worked hard to develop implementations for the embedded sector that give manufacturers the security they need with the convenience they want – through software upgrades rather than hardware recalls, and by developing the most lightweight post-quantum cryptography on the market.” Mohib Ur Rehman LinkedIn Mohib has been tech-savvy since his teens, always tearing things apart to see how they worked. His curiosity for cybersecurity and privacy evolved from tinkering with code and hardware to writing about the hidden layers of digital life. Now, he brings that same analytical curiosity to quantum technologies, exploring how they will shape the next frontier of computing. Share this article: