Adams Bridge ML-KEM Integration for Post-Quantum OCP LOCK in Caliptra (Q22c)
OCP LOCK is a security framework integrated into the Caliptra Root of Trust, designed to manage the secure lifecycle of encryption keys for self-encrypting storage devices. OCP LOCK provides a reliable and standardized approach to generating, protecting, and purging media encryption keys (MEKs), ensuring data-at-rest security throughout the device’s lifecycle, from provisioning to decommissioning. By offering verifiable control over key states, OCP LOCK enhances supply chain trust and reduces e-waste from drive destruction in data center environments. To achieve quantum-resistant protection, ML-KEM has been integrated into Caliptra supporting OCP LOCK operations. Its implementation through the Adams Bridge accelerator ensures efficient and side-channel-resilient post-quantum cryptography, meeting CNSA 2.0 security objectives while maintaining performance and resource efficiency. This talk will cover architectural countermeasures and masking techniques across PQC primitives, illustrating how Adams Bridge enables scalable and secure post-quantum key management within Caliptra.