Paper 2022/1225

Hybrid Post-Quantum Signatures in Hardware Security Keys

Diana Ghinea, ETH Zurich, Google (Switzerland)
Fabian Kaczmarczyck, Google (Switzerland)
Jennifer Pullman, Google (Switzerland)
Julien Cretin, Google (Switzerland)
Stefan Kölbl, Google (Switzerland)
Rafael Misoczki, Google (United States)
Jean-Michel Picod, Google (Switzerland)
Luca Invernizzi, Google (Switzerland)
Elie Bursztein, Google (United States)

Recent advances in quantum computing are increasingly jeopardizing the security of cryptosystems currently in widespread use, such as RSA or elliptic-curve signatures. To address this threat, researchers and standardization institutes have accelerated the transition to quantum-resistant cryptosystems, collectively known as Post-Quantum Cryptography (PQC). These PQC schemes present new challenges due to their larger memory and computational footprints and their higher chance of latent vulnerabilities. In this work, we address these challenges by introducing a scheme to upgrade the digital signatures used by security keys to PQC, focusing on both its theoretical and practical aspects. Specifically, we introduce a hybrid digital signature scheme based on two building blocks: a classically-secure scheme, ECDSA, and a post-quantum secure one, Dilithium. Our hybrid scheme maintains the guarantees of each underlying building block even if the other one is broken, thus being resistant to classical and quantum attacks. Additionally, our hybrid scheme ensures that an adversary cannot derive ECDSA or Dilithium signatures that this authentication protocol considers valid. On the practical aspect, we experimentally show that our hybrid signature scheme can successfully execute on current security keys, even though secure PQC schemes are known to require substantial resources. We publish an open-source implementation of our scheme at so that other researchers can reproduce our results on a nRF52840 development kit.

Available format(s)
Publication info
FIDO WebAuthn CTAP ARM Cortex M4 Post-quantum security Dilithium
Contact author(s)
ghinead @ ethz ch
kaczmarczyck @ google com
jpullman @ google com
cretin @ google com
kste @ google com
rafaelmisoczki @ google com
jmichel @ google com
invernizzi @ google com
elieb @ google com
2022-09-15: approved
2022-09-15: received
See all versions
Short URL
Creative Commons Attribution


      author = {Diana Ghinea and Fabian Kaczmarczyck and Jennifer Pullman and Julien Cretin and Stefan Kölbl and Rafael Misoczki and Jean-Michel Picod and Luca Invernizzi and Elie Bursztein},
      title = {Hybrid Post-Quantum Signatures in Hardware Security Keys},
      howpublished = {Cryptology ePrint Archive, Paper 2022/1225},
      year = {2022},
      note = {\url{}},
      url = {}
Note: In order to protect the privacy of readers, does not use cookies or embedded third party content.