A Comparative Study of Hybrid Post-Quantum Cryptographic X.509 Certificate Schemes

• URL: http://arxiv.org/abs/2511.00111v1
• Date: Thu, 30 Oct 2025 21:51:36 GMT
• Title: A Comparative Study of Hybrid Post-Quantum Cryptographic X.509 Certificate Schemes
• Authors: Abel C. H. Chen,
• Abstract summary: The U.S. National Institute of Standards and Technology finalized a series of Post-NIST (PQC) standards in August 2024.<n>The design of X.509 certificates that adhere to PQC standards has become a crucial focus in the development of certificate management systems.<n>Several hybrid certificate schemes have been proposed internationally based on the X.509 certificate format.
• Score: 0.0
• License: http://arxiv.org/licenses/nonexclusive-distrib/1.0/
• Abstract: As quantum computing hardware continues to advance, the integration of such technology with quantum algorithms is anticipated to enable the decryption of ciphertexts produced by RSA and Elliptic Curve Cryptography (ECC) within polynomial time. In response to this emerging threat, the U.S. National Institute of Standards and Technology (NIST) finalized a series of Post-Quantum Cryptography (PQC) standards in August 2024 and outlined a roadmap for PQC migration. Consequently, the design of X.509 certificates that adhere to PQC standards has become a crucial focus in the development of certificate management systems. To further strengthen security and facilitate a smooth migration process, several hybrid certificate schemes have been proposed internationally based on the X.509 certificate format, including the composite scheme, the catalyst scheme, and the chameleon scheme. This study presents a comprehensive analysis and comparison of these hybrid certificate schemes from multiple perspectives (e.g., certificate size, computational efficiency, and migration feasibility) to assess their suitability for various applications and services.

Related papers

• QoeSiGN: Towards Qualified Collaborative eSignatures [42.138439537056954]
  EU's eIDAS regulation specifies, e.g., advanced and qualified (QES) eSignatures.<n>QESs are based on a qualified certificate issued by a qualified trust service provider (QTSP)<n>We perform a threat analysis on the QES-creation process of Austria's national eID.<n>We present QoeSiGN, utilizing novel P2C2 technologies.
  arXiv  Detail & Related papers  (2025-12-15T18:07:17Z)
• Verifier-initiated quantum message-authentication via quantum zero-knowledge proofs [38.81686642226027]
  We introduce a new method where the verifier can request authentication only when needed, improving efficiency for quantum networks and blockchain applications.<n>Our approach adapts the concept of zero-knowledge widely used in classical cryptography to quantum settings, ensuring that verification reveals nothing about secret keys.<n>This work delivers the first general verifier-initiated quantum signature scheme with formal security, paving the way for scalable, secure authentication in future quantum infrastructures and decentralized systems.
  arXiv  Detail & Related papers  (2025-12-05T04:40:34Z)
• A Hybrid Encryption Framework Combining Classical, Post-Quantum, and QKD Methods [0.0]
  This paper introduces a hybrid encryption framework combining classical cryptography (EdDSA, ECDH), post-quantum cryptography (ML-DSA-6x5, ML-KEM-768), and Quantum Key Distribution (QKD) via Guardian to counter quantum computing threats.<n>Our prototype implements this integration, using a key derivation function to generate secure symmetric and HMAC keys, and evaluates its performance across execution time and network metrics.
  arXiv  Detail & Related papers  (2025-09-09T08:48:38Z)
• Performance and Storage Analysis of CRYSTALS Kyber as a Post Quantum Replacement for RSA and ECC [45.88028371034407]
  CRYSTALS-Kyber is a post-quantum cryptographic solution standardized by NIST in 2022.<n>This study evaluates Kyber's practical viability through performance testing across various implementation schemes.
  arXiv  Detail & Related papers  (2025-08-03T09:53:45Z)
• Applied Post Quantum Cryptography: A Practical Approach for Generating Certificates in Industrial Environments [0.0]
  Post-quantum cryptography (PQC) presents significant challenges for certificate-based identity management in industrial environments.<n>This work analyzes the integration of PQC into X.509 certificate structures and compares existing tool support for classical, hybrid, composite, and chameleon certificates.<n>A gap is identified in available open-source solutions, particularly for the generation and validation of hybrid and composite certificates.
  arXiv  Detail & Related papers  (2025-05-07T11:28:35Z)
• Hybrid Scheme of Post-Quantum Cryptography and Elliptic-Curve Cryptography for Certificates -- A Case Study of Security Credential Management System in Vehicle-to-Everything Communications [0.0]
  This study proposes a hybrid certificate scheme of PQC and ECC to overcome the challenges in V2X communication.<n>PQC is used to establish a security level resistant to quantum computing attacks, while ECC is utilized to establish anonymous certificates.
  arXiv  Detail & Related papers  (2025-01-13T02:59:59Z)
• Practical hybrid PQC-QKD protocols with enhanced security and performance [44.8840598334124]
  We develop hybrid protocols by which QKD and PQC inter-operate within a joint quantum-classical network. In particular, we consider different hybrid designs that may offer enhanced speed and/or security over the individual performance of either approach.
  arXiv  Detail & Related papers  (2024-11-02T00:02:01Z)
• X.509 Information Security Certification Based on Post-Quantum Cryptography [0.0]
  This study explores X.509 security certificates based on Post-Quantum Cryptography (PQC) This study compares mainstream asymmetric cryptographic methods with standard PQC methods. recommendations for a solution based on PQC for X.509 security certificates are proposed.
  arXiv  Detail & Related papers  (2024-08-05T01:38:36Z)
• PQCMC: Post-Quantum Cryptography McEliece-Chen Implicit Certificate Scheme [0.0]
  This study proposes a post-quantum cryptography McEliece-Chen (PQCMC) based on an efficient random invertible matrix generation method to issue pseudonymous certificates with less time. This study demonstrates the viability of the implicit certificate scheme based on PQC as a means of countering quantum computing threats.
  arXiv  Detail & Related papers  (2024-01-03T13:34:20Z)
• Practical quantum secure direct communication with squeezed states [37.69303106863453]
  We report the first table-top experimental demonstration of a CV-QSDC system and assess its security.<n>This realization paves the way into future threat-less quantum metropolitan networks, compatible with coexisting advanced wavelength division multiplexing (WDM) systems.
  arXiv  Detail & Related papers  (2023-06-25T19:23:42Z)
• First demonstration of a post-quantum key-exchange with a nanosatellite [58.579141089302816]
  We demonstrate a post-quantum key-exchange with the nanosatellite SpooQy-1 in low Earth orbit using Kyber-512. This implementation demonstrates the feasibility of a quantum-safe authenticated key-exchange and encryption system on SWaP constrained nanosatellites.
  arXiv  Detail & Related papers  (2022-06-02T10:45:27Z)
• When BERT Meets Quantum Temporal Convolution Learning for Text Classification in Heterogeneous Computing [75.75419308975746]
  This work proposes a vertical federated learning architecture based on variational quantum circuits to demonstrate the competitive performance of a quantum-enhanced pre-trained BERT model for text classification. Our experiments on intent classification show that our proposed BERT-QTC model attains competitive experimental results in the Snips and ATIS spoken language datasets.
  arXiv  Detail & Related papers  (2022-02-17T09:55:21Z)

This list is automatically generated from the titles and abstracts of the papers in this site.

This site does not guarantee the quality of this site (including all information) and is not responsible for any consequences.