The Qey: Implementation and performance study of post quantum cryptography in FIDO2

• URL: http://arxiv.org/abs/2510.21353v1
• Date: Fri, 24 Oct 2025 11:30:15 GMT
• Title: The Qey: Implementation and performance study of post quantum cryptography in FIDO2
• Authors: Aditya Mitra, Sibi Chakkaravarthy Sethuraman,
• Abstract summary: FIDO2 is an industry standard for secure passwordless authentication.<n>Current FIDO2 standards use ECDSA with SHA-256 (ES256), RSA with SHA-256 (RS256) and similar classical cryptographic signature algorithms.<n>This paper explores the usability of Module Lattice based Digital Signature Algorithm (ML-DSA) based on Crystals Dilithium as a post quantum cryptographic signature standard for FIDO2.
• Score: 0.18416014644193066
• License: http://creativecommons.org/licenses/by-nc-nd/4.0/
• Abstract: Authentication systems have evolved a lot since the 1960s when Fernando Corbato first proposed the password-based authentication. In 2013, the FIDO Alliance proposed using secure hardware for authentication, thus marking a milestone in the passwordless authentication era [1]. Passwordless authentication with a possession-based factor often relied on hardware-backed cryptographic methods. FIDO2 being one an amalgamation of the W3C Web Authentication and FIDO Alliance Client to Authenticator Protocol is an industry standard for secure passwordless authentication with rising adoption for the same [2]. However, the current FIDO2 standards use ECDSA with SHA-256 (ES256), RSA with SHA-256 (RS256) and similar classical cryptographic signature algorithms. This makes it insecure against attacks involving large-scale quantum computers [3]. This study aims at exploring the usability of Module Lattice based Digital Signature Algorithm (ML-DSA), based on Crystals Dilithium as a post quantum cryptographic signature standard for FIDO2. The paper highlights the performance and security in comparison to keys with classical algorithms.

Related papers

• On Implementing Hybrid Post-Quantum End-to-End Encryption [0.0]
  Quantum computing poses a fundamental threat to current public key cryptographic systems.<n>We present a hybrid end-to-end encryption system that combines classical and post-quantum cryptographic primitives.
  arXiv  Detail & Related papers  (2026-01-21T12:17:24Z)
• QES-Backed Virtual FIDO2 Authenticators: Architectural Options for Secure, Synchronizable WebAuthn Credentials [0.0]
  FIDO2 and the WebAuthn standard offer phishing-resistant, public-key based authentication.<n>Recent passkey deployments address this limitation by enabling multi-device credentials synchronized via platform-specific cloud ecosystems.<n>This paper explores architectural options for bridging these technologies by securing a virtual FIDO2 authenticator with a QES-grade PKCS key.
  arXiv  Detail & Related papers  (2026-01-10T12:47:44Z)
• LSEG: A Lightweight and Secure Key Exchange Protocol for Smart Grid Communication [0.9449650062296824]
  This paper proposes a lightweight authentication and secure key exchange protocol for smart grid environments.<n>Session communication is protected using ASCON128a, a lightweight, NIST-standardized, authenticated encryption algorithm.<n>Results show LSEG effectively balances security, efficiency, and compliance, making it a scalable solution for secure communication in smart grid infrastructures.
  arXiv  Detail & Related papers  (2025-11-10T19:01:55Z)
• Performance and Storage Analysis of CRYSTALS Kyber as a Post Quantum Replacement for RSA and ECC [45.88028371034407]
  CRYSTALS-Kyber is a post-quantum cryptographic solution standardized by NIST in 2022.<n>This study evaluates Kyber's practical viability through performance testing across various implementation schemes.
  arXiv  Detail & Related papers  (2025-08-03T09:53:45Z)
• Cryptanalysis of LC-MUME: A Lightweight Certificateless Multi-User Matchmaking Encryption for Mobile Devices [0.0]
  We show that a Type-I adversary can successfully forge a validtext cipher without possessing the complete private key of the sender.<n>We propose a strategy to strengthen the security of matchmaking encryption schemes in mobile computing environments.
  arXiv  Detail & Related papers  (2025-07-30T13:36:52Z)
• From Cyber Threat to Data Shield: Constructing Provably Secure File Erasure with Repurposed Ransomware Cryptography [1.338174941551702]
  This paper presents SEER (Secure and Efficient Encryption-based Erasure via Ransomware), a provably secure file destruction system that repurposes encryption for legitimate data erasure tasks.<n>The proposed system ensures provable security through both theoretical foundations and practical validation, offering an efficient and resilient solution for the secure destruction of sensitive data.
  arXiv  Detail & Related papers  (2025-04-16T03:47:17Z)
• EAP-FIDO: A Novel EAP Method for Using FIDO2 Credentials for Network Authentication [43.91777308855348]
  EAP-FIDO allows organisations with WPA2/3-Enterprise wireless networks or MACSec-enabled wired networks to leverage FIDO2's passwordless authentication.<n>We provide a comprehensive security and performance analysis to support the feasibility of this approach.
  arXiv  Detail & Related papers  (2024-12-04T12:35:30Z)
• Quantum digital signature based on single-qubit without a trusted third-party [45.41082277680607]
  We propose a novel quantum digital signature protocol without a trusted third-party.<n>We prove that the protocol has information-theoretical unforgeability.
  arXiv  Detail & Related papers  (2024-10-17T09:49:29Z)
• Multi-Layered Security System: Integrating Quantum Key Distribution with Classical Cryptography to Enhance Steganographic Security [0.0]
  We present a novel cryptographic system that integrates Quantum Key Distribution (QKD) with classical encryption techniques. Our approach leverages the E91 QKD protocol to generate a shared secret key between communicating parties. This key is then hashed using the Secure Hash Algorithm (SHA) to provide a fixedlength, high-entropy key.
  arXiv  Detail & Related papers  (2024-08-13T15:20:29Z)
• A Novel Protocol Using Captive Portals for FIDO2 Network Authentication [45.84205238554709]
  We introduce FIDO2CAP: FIDO2 Captive-portal Authentication Protocol. We develop a prototype of FIDO2CAP authentication in a mock scenario. This work makes the first systematic approach for adapting network authentication to the new authentication paradigm relying on FIDO2 authentication.
  arXiv  Detail & Related papers  (2024-02-20T09:55:20Z)
• SOCI^+: An Enhanced Toolkit for Secure OutsourcedComputation on Integers [50.608828039206365]
  We propose SOCI+ which significantly improves the performance of SOCI. SOCI+ employs a novel (2, 2)-threshold Paillier cryptosystem with fast encryption and decryption as its cryptographic primitive. Compared with SOCI, our experimental evaluation shows that SOCI+ is up to 5.4 times more efficient in computation and 40% less in communication overhead.
  arXiv  Detail & Related papers  (2023-09-27T05:19:32Z)
• Certified Everlasting Secure Collusion-Resistant Functional Encryption, and More [11.28340401863537]
  certified everlasting security is a nice compromise (intrinsic to quantum) We define certified everlasting secure versions of FE, compute-and-compare obfuscation, predicate encryption (PE), secret-key encryption (SKE), public-key encryption (PKE), receiver non-committing encryption (RNCE)
  arXiv  Detail & Related papers  (2023-02-20T22:54:43Z)
• Quantum Proofs of Deletion for Learning with Errors [91.3755431537592]
  We construct the first fully homomorphic encryption scheme with certified deletion. Our main technical ingredient is an interactive protocol by which a quantum prover can convince a classical verifier that a sample from the Learning with Errors distribution in the form of a quantum state was deleted.
  arXiv  Detail & Related papers  (2022-03-03T10:07:32Z)

This list is automatically generated from the titles and abstracts of the papers in this site.

This site does not guarantee the quality of this site (including all information) and is not responsible for any consequences.