Google Releases The First Implementation of A Quantum-Resistant FIDO2 Security Key.
As a component of its OpenSK security keys project, Google on Tuesday revealed the initial Quantum-Resistant FIDO2 Security Key deployment.
Elie Bursztein and Fabian Kaczmarczyck stated that “This freely available hardware optimized execution employs a unique ECC/Dilithium hybrid signature schema which advantages from the safety of ECC against conventional attacks and Dilithium’s robustness against quantum attacks.”
Rust-based OpenSK is an open-source security key implementation that complies with both FIDO U2F and FIDO2 specifications.
The news follows less than one week after the tech giant announced intentions to include support for symmetric key establishment in TLS connections using quantum-resistant encryption methods in Chrome 116.
Incorporating such innovations early on is necessary to enable a steady rollout because it is also a part of larger attempts to convert to cryptographic techniques that are capable of withstanding quantum threats in the future.
“Luckily, with the latest standardization of public key quantum resilient cryptography that includes the Dilithium method, we now have an easy way to secure security keys against quantum attacks,” the search engine giant added.
Google’s recommended FIDO2 security key execution combines the Elliptic Curve Digital Signature method (ECDSA) and the recently established quantum-resistant signature method, Dilithium, much like Chrome’s hybrid mechanism combines X25519 and Kyber-768.
The Rust-based memory-optimized execution of the hybrid signature schema, created in collaboration with ETH Zürich, only needs 20 KB of memory, which makes it perfect for use with security keys’ limited hardware.
The business stated that it is “Anticipating to witness this method of execution (or a variant of it), being standardized as part of the FIDO2 key protocol and endorsed by the majority of web browsers so that the credentials of users can be secured against quantum assaults.”
About The Author:
Yogesh Naager is a content marketer that specializes in the cybersecurity and B2B space. Besides writing for the News4Hackers blog, he’s also written for brands including CollegeDunia, Utsav Fashion, and NASSCOM. Naager entered the field of content in an unusual way. He began his career as an insurance sales executive, where he developed an interest in simplifying difficult concepts. He also combines this interest with a love of narrative, which makes him a good writer in the cybersecurity field. In the bottom line, he frequently writes for Craw Security.
Read More Article Here: