Gespeichert in:
Bibliographische Detailangaben
Hauptverfasser: Tsili, Antonia, Kordolaimis, Konstantinos, Krilakis, Konstantinos, Syvridis, Dimitris
Format: Preprint
Veröffentlicht: 2025
Schlagworte:
Online-Zugang:https://arxiv.org/abs/2504.12062
Tags: Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
_version_ 1866910912686850048
author Tsili, Antonia
Kordolaimis, Konstantinos
Krilakis, Konstantinos
Syvridis, Dimitris
author_facet Tsili, Antonia
Kordolaimis, Konstantinos
Krilakis, Konstantinos
Syvridis, Dimitris
contents This work explores the performance and scalability of a hierarchical certificate authority framework with automated certificate issuance employing post-quantum cryptographic (PQC) signature algorithms. The system is designed for compatibility with both classical and PQC algorithms, promoting crypto-agility while ensuring robust security against quantum-based threats. The proposed framework design expects minimal cryptographic requirements from potential clients, protects certificates of high importance against cross-dependent chains-of-trust and allows for prompt switching between classical and PQC algorithms. Finally, we evaluate SPHINCS$^+$, Falcon, and Dilithium variants in various configurations of certificate issuance and verification accommodating a large client base, underlining the trade-offs in balancing performance, scalability, and security.
format Preprint
id arxiv_https___arxiv_org_abs_2504_12062
institution arXiv
publishDate 2025
record_format arxiv
spellingShingle A Scalable Framework for Post-Quantum Authentication in Public Key Infrastructures
Tsili, Antonia
Kordolaimis, Konstantinos
Krilakis, Konstantinos
Syvridis, Dimitris
Cryptography and Security
This work explores the performance and scalability of a hierarchical certificate authority framework with automated certificate issuance employing post-quantum cryptographic (PQC) signature algorithms. The system is designed for compatibility with both classical and PQC algorithms, promoting crypto-agility while ensuring robust security against quantum-based threats. The proposed framework design expects minimal cryptographic requirements from potential clients, protects certificates of high importance against cross-dependent chains-of-trust and allows for prompt switching between classical and PQC algorithms. Finally, we evaluate SPHINCS$^+$, Falcon, and Dilithium variants in various configurations of certificate issuance and verification accommodating a large client base, underlining the trade-offs in balancing performance, scalability, and security.
title A Scalable Framework for Post-Quantum Authentication in Public Key Infrastructures
topic Cryptography and Security
url https://arxiv.org/abs/2504.12062