Gespeichert in:
| Hauptverfasser: | , , , |
|---|---|
| Format: | Preprint |
| Veröffentlicht: |
2025
|
| Schlagworte: | |
| Online-Zugang: | https://arxiv.org/abs/2504.12062 |
| Tags: |
Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
|
| _version_ | 1866910912686850048 |
|---|---|
| author | Tsili, Antonia Kordolaimis, Konstantinos Krilakis, Konstantinos Syvridis, Dimitris |
| author_facet | Tsili, Antonia Kordolaimis, Konstantinos Krilakis, Konstantinos Syvridis, Dimitris |
| contents | This work explores the performance and scalability of a hierarchical certificate authority framework with automated certificate issuance employing post-quantum cryptographic (PQC) signature algorithms. The system is designed for compatibility with both classical and PQC algorithms, promoting crypto-agility while ensuring robust security against quantum-based threats. The proposed framework design expects minimal cryptographic requirements from potential clients, protects certificates of high importance against cross-dependent chains-of-trust and allows for prompt switching between classical and PQC algorithms. Finally, we evaluate SPHINCS$^+$, Falcon, and Dilithium variants in various configurations of certificate issuance and verification accommodating a large client base, underlining the trade-offs in balancing performance, scalability, and security. |
| format | Preprint |
| id |
arxiv_https___arxiv_org_abs_2504_12062 |
| institution | arXiv |
| publishDate | 2025 |
| record_format | arxiv |
| spellingShingle | A Scalable Framework for Post-Quantum Authentication in Public Key Infrastructures Tsili, Antonia Kordolaimis, Konstantinos Krilakis, Konstantinos Syvridis, Dimitris Cryptography and Security This work explores the performance and scalability of a hierarchical certificate authority framework with automated certificate issuance employing post-quantum cryptographic (PQC) signature algorithms. The system is designed for compatibility with both classical and PQC algorithms, promoting crypto-agility while ensuring robust security against quantum-based threats. The proposed framework design expects minimal cryptographic requirements from potential clients, protects certificates of high importance against cross-dependent chains-of-trust and allows for prompt switching between classical and PQC algorithms. Finally, we evaluate SPHINCS$^+$, Falcon, and Dilithium variants in various configurations of certificate issuance and verification accommodating a large client base, underlining the trade-offs in balancing performance, scalability, and security. |
| title | A Scalable Framework for Post-Quantum Authentication in Public Key Infrastructures |
| topic | Cryptography and Security |
| url | https://arxiv.org/abs/2504.12062 |