Post-Quantum Cryptography for Intelligent Transportation Systems: An Implementation-Focused Review

TL;DR

This paper reviews the implementation challenges and readiness of post-quantum cryptography in intelligent transportation systems, highlighting vulnerabilities, standards gaps, and future research directions for secure vehicular communication in the quantum era.

Contribution

It provides a comprehensive evaluation of PQC integration in ITS, identifying key research gaps and proposing a phased roadmap for secure deployment aligned with standards and safety.

Findings

Limited PQC-ready standards for ITS

Vulnerabilities in physical implementation layers

Identified research gaps and future directions

Abstract

As quantum computing advances, the cryptographic algorithms that underpin confidentiality, integrity, and authentication in Intelligent Transportation Systems (ITS) face increasing vulnerability to quantum-enabled attacks. To address these risks, governments and industry stakeholders are turning toward post-quantum cryptography (PQC), a class of algorithms designed to resist adversaries equipped with quantum computing capabilities. However, existing studies provide limited insight into the implementation-focused aspects of PQC in the ITS domain. This review addresses that gap by evaluating the readiness of vehicular communication and security standards for adopting PQC. It examines in-vehicle networks and vehicle-to-everything (V2X) interfaces, and investigates vulnerabilities at the physical implementation layer of cryptographic hardware and embedded platforms, primarily exposure to side-channel and fault injection attacks. The review identifies thirteen research gaps: non-PQC-ready standards; constraints in embedded implementation and hybrid cryptography; interoperability and certificate-management barriers; a lack of real-world PQC deployment data in ITS; and physical-attack vulnerabilities in PQC-enabled vehicular communication. We present several future research directions, including updating vehicular communication and security standards, optimizing PQC for low-power devices, enhancing interoperability and certificate-management frameworks for PQC integration, conducting real-world evaluations of PQC-enabled communication and control functions across ITS deployments, and strengthening defenses against AI-assisted physical attacks. A phased roadmap is presented that aligns PQC deployment with regulatory, performance, and safety requirements, thereby guiding the secure evolution of ITS in the quantum computing era.