Post-Quantum Crypto IP Data Sheet

PQShield creates post-quantum cryptography solutions. Formed as a spinout of the University of Oxford by cryptography researchers and specialists, we have unrivaled domain expertise in the design and implementation of quantum-resistant cryptography for software and hardware applications. We help customers transition their product lines from legacy RSA and Elliptic Curve cryptography to quantum-secure standards by offering ready-made and tailored IP for secure elements, IoT firmware, PKI and server technologies, and end-user applications.

PQShield is a member of RISC-V International and an active participant in the NIST Post-Quantum Cryptography project.


PQSoC is a configurable “System on Chip” design built from PQShield’s modular IP cores, offering features and functionality suitable for smart cards and other hardware-based secure elements. PQSoC components have been designed to implement upcoming post-quantum cryptographic standards – while also offering efficient interoperability with legacy algorithms.

Post-quantum cryptography is based on different mathematical foundations than traditional “number theoretic” RSA and Elliptic Curve algorithms. Quantum-resistant lattice-, code-, and multivariate algorithms do not benefit from the hardware acceleration features available in traditional smart cards and secure elements. As a post-quantum pioneer, PQShield has a deep understanding of the computational and mathematical requirements of these new algorithms which has led to significant architectural and design innovations in our hardware implementations.

Hardware Components

  • Pluto: A lightweight, secure RISC-V (RV32-I/E-/M/C) core for control functions.
  • PQC Mathematics Co-processor that reduces latency and power consumption of post-quantum cryptography computations to 10-20%, while maintaining flexibility for algorithmic refinement.
  • Symmetric Cryptography. A secondary cryptography co-processor that supports symmetric encryption algorithms (AES), hash functions (SHA3, hash-based cryptography), and secure random-number generation.
  • Peripherals and interfaces for persistent key storage, communication, development, and testing.

The Pluto RISC-V Core

The Pluto Core forms the heart of the PQSoC Secure Element Design. Our cryptographic coprocessors can be integrated with other cores (e.g. ARM) but those are not specifically designed for security applications.

The RISC-V ISA is a Standard, State-of-the-art Instruction Set Architecture. Our implementation is fully compatible with GCC toolchains and various IDEs, greatly speeding up the development cycle when compared to proprietary security element ISAs.

Technical details:

  • RV32I base ISA (Instruction Set Architecture) with optional M (multiplication/division), C (compressed instruction set), E (reduced register set) extensions.
  • Designed for security applications – eliminates side-channel leakage with constant time arithmetic, table lookups, and other design features.
  • Compact 3-stage pipeline design, achieves single-clock instruction execution in most cases.
  • Harvard Architecture – Separate instruction and data paths. Helps to speed up Flash execution and also to protect against malicious code.
  • Allows PQSoC to implement dedicated custom ISA extensions to support and speed up cryptographic operations.
  • Implemented in synthesizable Verilog, proven in hardware simulations and fast FPGA, designed for Silicon.