HP Launches PCs with Built-In Quantum Protection

In a world first, HP has launched a range of business PCs with firmware protected against hacking by future quantum computers.

Announced at the company’s annual partnership conference, select PC models will come with an upgraded Endpoint Security Controller (ESC) chip built in. According to HP, it offers advanced security that enables the management and protection of sensitive and regulated data.

The fifth-generation ESC design isolates the chip from the processor and OS to reduce the risk of data breaches, embedding protection against quantum computer hacks at the chip level.

Most organizations use asymmetric cryptography to protect sensitive data from being stolen. However, quantum computers threaten to be able to break the most commonly used forms of encryption within the next few years.

Industry research has found that 27% of experts think there is a 50% likelihood of a cryptographically relevant quantum computer (CRQC) by 2033. At this point, the trust that digital signatures on firmware and software provide will become irrelevant.

To date, most efforts to counter the threat of CRQCs have addressed software. But while software can be readily upgraded, hardware cannot, and attackers could even access and modify the underlying firmware to gain control of devices.

Related:Protecting Critical Networks with Integrated Quantum Approach

According to HP, business PC refresh cycles are three to five years, which may get longer due to a drive toward sustainability, meaning the migration toward post-quantum cryptography needs to begin now.

“With our 2024 ESC upgrade, the hardware will be in place to protect PC firmware integrity with quantum-resistant cryptography, providing a secure foundation ahead of upgrades to software implementations of cryptography on PCs in future,” said HP’s global head of security for personal systems Ian Pratt in a blog post.

The U.S. National Security Agency has published guidelines for migrating to quantum-resistant cryptographic algorithms for firmware digital signatures. The agency recommends that quantum-resistant cryptography be used from 2025 and requires them to be used for sensitive systems from 2030.