Google Introduces First Quantum Resilient FIDO2 Security Key Implementation

Quantum-Resilient FIDO2 Security Key

Google on Tuesday announced the first quantum resilient FIDO2 security key implementation as part of its OpenSK security keys initiative.

“This open-source hardware optimized implementation uses a novel ECC/Dilithium hybrid signature schema that benefits from the security of ECC against standard attacks and Dilithium’s resilience against quantum attacks,” Elie Bursztein and Fabian Kaczmarczyck said.

OpenSK is an open-source implementation for security keys written in Rust that supports both FIDO U2F and FIDO2 standards.

The development comes less than a week after the tech giant said it plans to add support for quantum-resistant encryption algorithms in Chrome 116 to set up symmetric keys in TLS connections.

It’s also part of broader efforts to switch to cryptographic algorithms that can withstand quantum attacks in the future, necessitating the need to incorporate such technologies early on to facilitate a gradual rollout.

“Fortunately, with the recent standardization of public key quantum resilient cryptography including the Dilithium algorithm, we now have a clear path to secure security keys against quantum attacks,” the search giant said.

Similar to how Chrome’s hybrid mechanism is a combination of X25519 and Kyber-768, Google’s proposed FIDO2 security key implementation is a mix of Elliptic Curve Digital Signature Algorithm (ECDSA) and the recently standardized quantum resistant signature algorithm, Dilithium.

The hybrid signature schema, developed in partnership with ETH Zürich, is a Rust-based memory-optimized implementation that only requires 20 KB of memory, making it ideal to run on security keys’ constrained hardware.

The company said it is “hoping to see this implementation (or a variant of it), being standardized as part of the FIDO2 key specification and supported by major web browsers so that users’ credentials can be protected against quantum attacks.”



Original Source



A considerable amount of time and effort goes into maintaining this website, creating backend automation and creating new features and content for you to make actionable intelligence decisions. Everyone that supports the site helps enable new functionality.

If you like the site, please support us on “Patreon” or “Buy Me A Coffee” using the buttons below

 To keep up to date follow us on the below channels.