Paper 2022/1225
Hybrid Post-Quantum Signatures in Hardware Security Keys
Abstract
Recent advances in quantum computing are increasingly jeopardizing the security of cryptosystems currently in widespread use, such as RSA or elliptic-curve signatures. To address this threat, researchers and standardization institutes have accelerated the transition to quantum-resistant cryptosystems, collectively known as Post-Quantum Cryptography (PQC). These PQC schemes present new challenges due to their larger memory and computational footprints and their higher chance of latent vulnerabilities. In this work, we address these challenges by introducing a scheme to upgrade the digital signatures used by security keys to PQC. We introduce a hybrid digital signature scheme based on two building blocks: a classically-secure scheme, ECDSA, and a post-quantum secure one, Dilithium. Our hybrid scheme maintains the guarantees of each underlying building block even if the other one is broken, thus being resistant to classical and quantum attacks. We experimentally show that our hybrid signature scheme can successfully execute on current security keys, even though secure PQC schemes are known to require substantial resources. We publish an open-source implementation of our scheme at https://github.com/google/OpenSK/releases/tag/hybrid-pqc so that other researchers can reproduce our results on a nRF52840 development kit.
Metadata
- Available format(s)
- Category
- Implementation
- Publication info
- Published elsewhere. Minor revision. 4th ACNS Workshop on Secure Cryptographic Implementation
- Keywords
- FIDOWebAuthnCTAPARM Cortex M4Post-quantum securityDilithium
- Contact author(s)
-
ghinead @ ethz ch
kaczmarczyck @ google com
jpullman @ google com
cretin @ google com
kste @ google com
rafaelmisoczki @ google com
jmichel @ google com
invernizzi @ google com
elieb @ google com - History
- 2023-08-22: revised
- 2022-09-15: received
- See all versions
- Short URL
- https://ia.cr/2022/1225
- License
-
CC BY
BibTeX
@misc{cryptoeprint:2022/1225, author = {Diana Ghinea and Fabian Kaczmarczyck and Jennifer Pullman and Julien Cretin and Stefan Kölbl and Rafael Misoczki and Jean-Michel Picod and Luca Invernizzi and Elie Bursztein}, title = {Hybrid Post-Quantum Signatures in Hardware Security Keys}, howpublished = {Cryptology {ePrint} Archive, Paper 2022/1225}, year = {2022}, url = {https://eprint.iacr.org/2022/1225} }