Embedded World 2025: wolfSSL Unveils Post Quantum Cryptography and Security Solutions

wolfSSL Inc. announces its participation in Embedded World 2025, taking place March 11–13 in Nuremberg, Germany. Attendees can visit Booth #4-201A to explore the company‘s latest advancements in embedded security.

“We are thrilled to showcase our latest innovations at Embedded World 2025,” said Larry Stefonic, CEO, wolfSSL. “As a leader in cryptography and network security, we remain committed to equipping developers with the tools they need to build secure, resilient embedded systems. We look forward to engaging with attendees and demonstrating how our solutions address the ever-evolving cybersecurity challenges across industries worldwide.”

Key Highlights from wolfSSL at Embedded World 2025:

wolfSSL support for Post Quantum
The company‘s post-quantum cryptographic solutions are designed to work efficiently and seamlessly with embedded systems, offering robust security, CAVP certification, minimal resource consumption, and bare metal support. They enable embedded devices to remain secure as we transition into the quantum computing era, all while ensuring compatibility with current technologies. The firm enable users to achieve CNSA 2.0 support quickly and efficiently.

Integration with wolfCrypt

• wolfSSL now includes support for post-quantum cryptographic algorithms in TLS, enabling embedded systems to use PQC schemes alongside traditional algorithms (like RSA and ECC). This means developers can add quantum-resistant algorithms to their applications without completely overhauling existing cryptographic systems.

• Supported algorithms, such as ML-KEM (for public-key encryption) and ML-DSA (for digital signatures), are implemented to offer practical security in resource-constrained environments, maximizing security and performance.

Lightweight and Optimized for Embedded Platforms

• WolfSSL focuses on optimizing its libraries for embedded environments. This includes ensuring that the PQC algorithms are lightweight enough to run on microcontrollers and other resource-limited devices. It makes these solutions highly configurable to cater to different hardware capabilities, ensuring efficient use of memory and CPU power.

Hybrid Cryptography Support

• WolfSSL supports hybrid cryptography, meaning both traditional and post-quantum algorithms can be used together. This approach allows embedded devices to maintain backward compatibility with legacy systems while gradually transitioning to quantum-resistant algorithms. For instance, a system could use classical algorithms for today’s security and PQC algorithms for future-proofing.

Security Agility for Embedded Applications

• Post-quantum algorithms in wolfSSL allow developers to choose the right security protocols based on their embedded device’s needs. As quantum computing advances, these algorithms can be updated or replaced without disrupting the system, ensuring long-term protection. This adaptability is crucial for embedded devices with extended lifecycles, like automotive or industrial IoT systems.

Cryptographic Acceleration

• Many embedded systems use hardware acceleration for cryptographic operations to improve performance. The company’s post-quantum solutions can be integrated with hardware-based accelerators, ensuring the PQC algorithms can perform efficiently, even in constrained environments.

Compliance and Certification

• For embedded systems that need to meet specific compliance standards (e.g., ISO 26262 for automotive, DO-178 for Aviation or FIPS 140-3, FIPS 203/204 and CNSA 2.0 for government applications), wolfSSL’s post-quantum cryptography solutions can be used in conjunction with existing certified cryptographic modules, maintaining high security standards while enabling forward-looking protection against quantum attacks.

Release of wolfHSM 1.1.0
The company provides a portable, open-source abstraction for hardware cryptography, enabling secure key management, NVM protection, and isolated secure processing. It is primarily used with Automotive HSM hardware.

Features include:

• Integration with Infineon Aurix Tricore TC3XX for enhanced automotive security.
• Support for China’s mandated cryptographic algorithms (SM2, SM3, SM4).
• Post-quantum cryptography (Kyber, LMS, XMSS) for future-proof security.
• Automatic utilization of available hardware cryptographic processing to optimize performance.

Release of wolfBoot 2.4.0: Enhanced Secure Bootloader with wolfHSM Integration
The latest version of wolfBoot delivers expanded platform support, new features, and significant performance enhancements, reinforcing its role as the premier secure boot solution.

Key Enhancements:

• Integration with wolfHSM – Enables secure key management, seamless public key revocation, and post-quantum ML-DSA support.
• Enhanced Delta Updates – Improved base image detection for more reliable firmware updates.
• Expanded Hardware Support – Now compatible with NXP Layerscape LS1028A, with updates for ARMv7-M/ARMv8-M, x86-FSP, Xilinx UltraScale+, and Intel TigerLake.

• Performance Boost – New wolfCrypt assembly optimizations significantly reduce boot times across all ARM devices.

Post-Quantum Cryptography with wolfHSM
The firm’s wolfHSM now supports post-quantum cryptographic algorithms through wolfCrypt, ensuring long-term security against emerging quantum threats.

• ML-KEM – A key encapsulation mechanism for secure key establishment.
• ML-DSA – A post-quantum signature scheme, offering a secure alternative to ECDSA and RSA.
• LMS and XMSS – Stateful hash-based signature schemes ideal for firmware and software signing, with wolfHSM ensuring proper state management.

By integrating post-quantum algorithms, the company empowers developers with cutting-edge cryptography without requiring deep expertise in post-quantum security.

Live Demonstrations
Attendees can experience wolfSSL’s security solutions firsthand through 4 live demos:

• Demo 1: NXP / Infineon – TLS, MQTT, SSH, TPM, and wolfBoot on NXP FRDM-MCX platforms.
• Demo 2: STMicro – Cryptographic benchmarks on ST32MP257F with OpenSTLinux.
• Demo 3: Intel / Curtiss-Wright / SysGo – Secure boot with Curtiss-Wright’s Intel RaptorLake VPX Card and SysGo PikeOS.
• Demo 4: Winbond – Post-quantum LMS firmware signing using Winbond W77Q Secure Flash Memory.