Google on Tuesday announced the first quantum resilient FIDO2 security key implementation as part of its OpenSK security keys initiative.
“This open-source hardware optimized implementation uses a novel ECC/Dilithium hybrid signature schema that benefits from the security of ECC against standard attacks and Dilithium’s resilience against quantum attacks,” Elie Bursztein and Fabian Kaczmarczyck said.
OpenSK is an open-source implementation for security keys written in Rust that supports both FIDO U2F and FIDO2 standards.
The development comes less than a week after the tech giant said it plans to add support for quantum-resistant encryption algorithms in Chrome 116 to set up symmetric keys in TLS connections.
Similar to how Chrome’s hybrid mechanism is a combination of X25519 and Kyber-768, Google’s proposed FIDO2 security key implementation is a mix of Elliptic Curve Digital Signature Algorithm (ECDSA) and the recently standardized quantum resistant signature algorithm, Dilithium.
The hybrid signature schema, developed in partnership with ETH Zürich, is a Rust-based memory-optimized implementation that only requires 20 KB of memory, making it ideal to run on security keys’ constrained hardware.
The company said it is “hoping to see this implementation (or a variant of it), being standardized as part of the FIDO2 key specification and supported by major web browsers so that users’ credentials can be protected against quantum attacks.”
Source: https://thehackernews.com/
