As post-quantum cryptography moves from theory to hardware, organizations can no longer afford to ignore the physical layer of security. In this episode of Shielded: The Last Line of Cyber Defense, host Johannes Lintzen speaks with Ferhat Yaman, security researcher at AMD’s Product Security Office, to explore how electromagnetic side-channel attacks, hybrid cryptography, and AI privacy are reshaping the future of secure system design. They discuss the risks of leakage in post-quantum implementations, the challenge of model theft in AI accelerators, and why mitigation needs to start before silicon is even taped out. From masking and shuffling to pre-silicon testing and homomorphic encryption, Ferhat offers a candid and deeply technical look at what it means to build quantum-resilient systems in hardware, not just in code.

What You’ll Learn:

Ferhat Yaman is a security researcher at AMD's product security office, where his work spans post-quantum cryptography, AI privacy, and side-channel resilience. With a background in both theoretical cryptography and practical hardware design, Ferhat has contributed to projects including the Crystals-Kyber and Dilithium PQC implementations, Caliptra Root of Trust, and electromagnetic model extraction from Google’s Edge TPU. His research explores how secure systems can be built from the silicon up, balancing performance, cost, and long-term quantum readiness. Ferhat’s recent work looks at accelerating homomorphic encryption for AI workloads and improving pre-silicon testing using commercial and open-source tools.

With the shift to post-quantum hardware security accelerating, Yaman’s message is clear: protecting systems requires more than new math; it demands early testing, layered defenses, and security built into the silicon itself.

Strong algorithms don’t guarantee strong protection if the hardware leaks secrets. Ferhat explains how side-channel attacks can extract private keys by analyzing power consumption or electromagnetic emissions, especially in hardware implementations of post-quantum cryptography like Kyber and Dilithium. Even minor hardware optimizations meant to improve speed can unintentionally introduce new leakages. Key Question: Have you tested your PQC hardware for side-channel leakage, or just verified the math?

Attackers are blending techniques, merging cryptanalytic insights with side-channel data to break even well-implemented systems. Ferhat emphasizes that defending against these multi-layered threats requires layered countermeasures across hardware and software. The combination of multiple attack vectors makes traditional assumptions about isolated vulnerabilities dangerously outdated. Key Question: Are you planning for real-world attack combinations or idealized test conditions?

You don’t have to replace everything overnight. Ferhat describes how AMD’s Caliptra project integrates classical and post-quantum cryptography side-by-side, giving developers flexibility while building resilience. Hybrid cryptography is a practical way to support both legacy and quantum-safe systems, especially in constrained environments. It’s a crucial stepping stone for organizations that can’t afford a full cryptographic overhaul in one cycle. Key Question: Can your architecture support both today’s standards and tomorrow’s requirements?

AI workloads running on edge hardware can leak critical information. Ferhat’s research shows how electromagnetic side-channel attacks can reveal the structure of neural networks down to the number of layers and nodes, without touching the model file. For companies that treat models as IP, this presents a new category of risk. This form of model extraction reduces training time for attackers by shortcutting hyperparameter tuning. Key Question: Could your AI accelerators be quietly leaking trade secrets?

Mitigation strategies like masking, shuffling, and randomness injection aren’t optional; they’re essential. Ferhat walks through how these hardware-level techniques help minimize leakage, but warns that each comes with design and performance tradeoffs. Choosing the right countermeasure depends on your timing, area, and risk budget; there’s no one-size-fits-all solution. Key Question: Have you budgeted for countermeasures, or are you counting on hope?

Want exclusive insights on quantum migration?  Stay ahead of the curve. Subscribe to Shielded: The Last Line of Cyber Defense on Apple Podcasts, Spotify, or YouTube Podcasts.

✔ Get insider knowledge from leading cybersecurity experts.

✔ Learn practical steps to future-proof your organization.

✔ Stay updated on regulatory changes and industry trends.

Need help subscribing? Click here for step-by-step instructions.