Hybrid Post-Quantum Signatures in Hardware Security Keys

Diana Ghinea; Fabian Kaczmarczyck; Jennifer Pullman; Julien Cretin; Rafael Misoczki; Stefan Kölbl; Luca Invernizzi; Elie Bursztein; Jean-Michel Picod

Hybrid Post-Quantum Signatures in Hardware Security Keys

Diana Ghinea
Fabian Kaczmarczyck
Jennifer Pullman
Julien Cretin
Rafael Misoczki
Stefan Kölbl
Luca Invernizzi
Elie Bursztein
Jean-Michel Picod

(2022)

Abstract

The substantial amount of research on quantum computers poses a risk to many cryptosystems in use today, and motivates the transition to Post-Quantum Cryptography. In this work, we focus on the theoretical and practical aspects of upgrading digital signatures in the context of authentication with security keys.

We introduce a hybrid digital signature scheme based on a classically secure scheme, ECDSA, and a post-quantum secure scheme, Dilithium. Our hybrid digital signature scheme maintains the guarantees of each of the two underlying schemes, even if the other scheme is broken. In addition, our hybrid scheme offers an additional layer of security by ensuring that an adversary cannot derive ECDSA or Dilithium signatures that can be used for this authentication protocol.

While Post-Quantum secure schemes are known to require a large amount of resources, we show that our hybrid signature scheme can be used on existing hardware security keys.

Research Areas

Security, Privacy and Abuse Prevention

Learn more about how we do research

We maintain a portfolio of research projects, providing individuals and teams the freedom to emphasize specific types of work

Our Research Philosophy