• bilinear pairings
• CP-ABE
• lattices
• post-quantum cryptography
• RLWE

The rapid evolution of the automotive industry has transformed vehicles into highly connected systems, integrating over 100 Electronic Control Units (ECUs) and upwards of 100 million lines of code. While this connectivity greatly enhances driver assistance and traffic anticipation, it also expands the attack surface for security and privacy threats. Traditional workshop‐based software updates are increasingly impractical, driving demand for Over‐The‐Air (OTA) mechanisms that efficiently deliver safety patches and feature upgrades. Frameworks such as Uptane distribute update and verification roles among ECUs, yet most of them treat confidentiality of update packages as optional, leaving intellectual property and sensitive fixes exposed if packages are stored or intercepted unencrypted “at rest.” While asymmetric encryption can secure packages per‐ECU, it imposes substantial key‐management and computational burdens on OEMs. Ciphertext‐Policy Attribute‐Based Encryption (CP‐ABE) offers a scalable alternative by embedding access policies directly into the update ciphertext, allowing a single encryption for multiple ECUs whose attribute‐holding keys satisfy the policy. In this work, two CP‐ABE schemes (one based on traditional bilinear pairings and a quantum‐resistant one based on the Ring Learning With Errors problem) have been evaluated on a Raspberry Pi 3 Model B+. The latter has resources similar to modern automotive ECUs. The obtained results compare the performance and storage requirements of the two schemes, demonstrating the feasibility of lattice‐based CP‐ABE for end‐to‐end confidentiality in automotive OTA updates while providing quantum‐resilience for future‐proof security.