Google Research

Hybrid Post-Quantum Signatures in Hardware Security Keys

(2022)

Abstract

The substantial amount of research on quantum computers poses a risk to many cryptosystems in use today, and motivates the transition to Post-Quantum Cryptography. In this work, we focus on the theoretical and practical aspects of upgrading digital signatures in the context of authentication with security keys.

We introduce a hybrid digital signature scheme based on a classically secure scheme, ECDSA, and a post-quantum secure scheme, Dilithium. Our hybrid digital signature scheme maintains the guarantees of each of the two underlying schemes, even if the other scheme is broken. In addition, our hybrid scheme offers an additional layer of security by ensuring that an adversary cannot derive ECDSA or Dilithium signatures that can be used for this authentication protocol.

While Post-Quantum secure schemes are known to require a large amount of resources, we show that our hybrid signature scheme can be used on existing hardware security keys.

Learn more about how we do research

We maintain a portfolio of research projects, providing individuals and teams the freedom to emphasize specific types of work