This work addresses the vulnerability of traditional trusted computing to quantum attacks, as its reliance on asymmetric cryptography renders firmware-based roots of trust insecure in the post-quantum era. The study systematically analyzes the challenges of integrating post-quantum cryptography (PQC) into trusted computing infrastructures and proposes, for the first time, a quantum-resistant trusted architecture compatible with existing systems that enables firmware-level integrity verification. By outlining a clear PQC migration roadmap and designing a novel trusted computing framework incorporating PQC primitives, this research provides a practical pathway toward quantum-safe firmware protection and advances the evolution of trusted computing into the post-quantum age.

Trust is the core building block of secure systems, and it is enforced via methods to guarantee that a specific system is properly configured and works as expected. In this context, a Root of Trust (RoT) establishes a trusted environment, where both data and code are authenticated via a digital signature, which is based on asymmetric cryptography. Unfortunately, this kind of crypto is vulnerable to the threat posed by Quantum Computers (QCs). Firmware, being the earliest layer of trust, faces unique risks due to its longevity and difficult update. Transitioning firmware protection to Post-Quantum Cryptography (PQC) is urgent, since it lowers the risk derived from exposing all computing and network devices to quantum-based attacks. This paper offers an analysis of the most common trust techniques and their roadmap towards a Post-Quantum (PQ) world, by investigating the current status of PQC and the challenges posed by such algorithms in existing Trusted Computing (TC) solutions from an integration perspective. Furthermore, this paper proposes an architecture for PQ TC techniques based on integrity verification, addressing the imperative for immediate adoption of quantum-resistant algorithms.