A Scalable Framework for Post-Quantum Authentication in Public Key Infrastructures
AI Breakdown
Get a structured breakdown of this paper — what it's about, the core idea, and key takeaways for the field.
Abstract
This work explores the performance and scalability of a hierarchical certificate authority framework with automated certificate issuance employing post-quantum cryptographic (PQC) signature algorithms. The system is designed for compatibility with both classical and PQC algorithms, promoting crypto-agility while ensuring robust security against quantum-based threats. The proposed framework design expects minimal cryptographic requirements from potential clients, protects certificates of high importance against cross-dependent chains-of-trust and allows for prompt switching between classical and PQC algorithms. Finally, we evaluate SPHINCS+, Falcon, and Dilithium variants in various configurations of certificate issuance and verification accommodating a large client base, underlining the trade-offs in balancing performance, scalability, and security.