A Scalable Framework for Post-Quantum Authentication in Public Key Infrastructures

• URL: http://arxiv.org/abs/2504.12062v1
• Date: Wed, 16 Apr 2025 13:18:11 GMT
• Title: A Scalable Framework for Post-Quantum Authentication in Public Key Infrastructures
• Authors: Antonia Tsili, Konstantinos Kordolaimis, Konstantinos Krilakis, Dimitris Syvridis,
• Abstract summary: This work explores the performance and scalability of a hierarchical certificate authority framework with automated certificate issuance.<n>The system is designed for compatibility with both classical and PQC algorithms, promoting crypto-agility while ensuring robust security against quantum-based threats.
• Score: 0.0
• License: http://creativecommons.org/licenses/by/4.0/
• Abstract: This work explores the performance and scalability of a hierarchical certificate authority framework with automated certificate issuance employing post-quantum cryptographic (PQC) signature algorithms. The system is designed for compatibility with both classical and PQC algorithms, promoting crypto-agility while ensuring robust security against quantum-based threats. The proposed framework design expects minimal cryptographic requirements from potential clients, protects certificates of high importance against cross-dependent chains-of-trust and allows for prompt switching between classical and PQC algorithms. Finally, we evaluate SPHINCS$^+$, Falcon, and Dilithium variants in various configurations of certificate issuance and verification accommodating a large client base, underlining the trade-offs in balancing performance, scalability, and security.

Related papers

• Performance Analysis and Industry Deployment of Post-Quantum Cryptography Algorithms [0.8602553195689513]
  The National Institute of Standards and Technology (NIST) has selected CRYSTALS-Kyber and CRYSTALS-Dilithium as standardized PQC algorithms for secure key exchange and digital signatures.<n>This study conducts a comprehensive performance analysis of these algorithms by benchmarking execution times across cryptographic operations.<n>Our findings demonstrate that Kyber and Dilithium achieve efficient execution times, outperforming classical cryptographic schemes such as RSA and ECDSA at equivalent security levels.
  arXiv  Detail & Related papers  (2025-03-17T09:06:03Z)
• Onion Routing Key Distribution for QKDN [1.8637078358591843]
  The advance of quantum computing poses a significant threat to classical cryptography.<n>Two main approaches have emerged: quantum cryptography and post-quantum cryptography.<n>We propose a secure key distribution protocol for Quantum Key Distribution Networks (QKDN)
  arXiv  Detail & Related papers  (2025-02-10T16:47:42Z)
• Application of $α$-order Information Metrics for Secure Communication in Quantum Physical Layer Design [45.41082277680607]
  We study the $alpha$-order information-theoretic metrics based on R'enyi entropy. We apply our framework to a practical scenario involving BPSK modulation over a lossy bosonic channel.
  arXiv  Detail & Related papers  (2025-02-07T03:44:11Z)
• Secure Composition of Quantum Key Distribution and Symmetric Key Encryption [3.6678562499684517]
  Quantum key distribution (QKD) allows Alice and Bob to share a secret key over an insecure channel with proven information-theoretic security against an adversary whose strategy is bounded only by the laws of physics. We consider the problem of using the QKD established key with a secure symmetric key-based encryption algorithm and use an approach based on hybrid encryption to provide a proof of security for the composition.
  arXiv  Detail & Related papers  (2025-01-14T20:58:02Z)
• Securing Legacy Communication Networks via Authenticated Cyclic Redundancy Integrity Check [98.34702864029796]
  We propose Authenticated Cyclic Redundancy Integrity Check (ACRIC) ACRIC preserves backward compatibility without requiring additional hardware and is protocol agnostic. We show that ACRIC offers robust security with minimal transmission overhead ( 1 ms)
  arXiv  Detail & Related papers  (2024-11-21T18:26:05Z)
• Practical hybrid PQC-QKD protocols with enhanced security and performance [44.8840598334124]
  We develop hybrid protocols by which QKD and PQC inter-operate within a joint quantum-classical network. In particular, we consider different hybrid designs that may offer enhanced speed and/or security over the individual performance of either approach.
  arXiv  Detail & Related papers  (2024-11-02T00:02:01Z)
• A Survey and Comparative Analysis of Security Properties of CAN Authentication Protocols [92.81385447582882]
  The Controller Area Network (CAN) bus leaves in-vehicle communications inherently non-secure. This paper reviews and compares the 15 most prominent authentication protocols for the CAN bus. We evaluate protocols based on essential operational criteria that contribute to ease of implementation.
  arXiv  Detail & Related papers  (2024-01-19T14:52:04Z)
• Hierarchical certification of nonclassical network correlations [50.32788626697182]
  We derive linear and nonlinear Bell-like inequalities for networks, whose violation certifies the absence of a minimum number of classical sources in them. We insert this assumption, which leads to results more amenable to certification in experiments.
  arXiv  Detail & Related papers  (2023-06-27T18:00:01Z)
• Practical quantum secure direct communication with squeezed states [55.41644538483948]
  We report the first table-top experimental demonstration of a CV-QSDC system and assess its security. This realization paves the way into future threat-less quantum metropolitan networks, compatible with coexisting advanced wavelength division multiplexing (WDM) systems.
  arXiv  Detail & Related papers  (2023-06-25T19:23:42Z)
• Authentication of quantum key distribution with post-quantum cryptography and replay attacks [1.8476815769956565]
  Quantum key distribution (QKD) and post-quantum cryptography (PQC) are two cryptographic mechanisms with quantum-resistant security. We propose two protocols based on PQC to realize the full authentication of QKD data post-processing.
  arXiv  Detail & Related papers  (2022-06-02T17:29:34Z)
• Experimental Authentication of Quantum Key Distribution with Post-quantum Cryptography [3.627592297350721]
  We experimentally verified the feasibility, efficiency and stability of the PQC algorithm in QKD authentication. Using PQC authentication we only need to believe the CA is safe, rather than all trusted relays.
  arXiv  Detail & Related papers  (2020-09-10T04:12:07Z)

This list is automatically generated from the titles and abstracts of the papers in this site.

This site does not guarantee the quality of this site (including all information) and is not responsible for any consequences.