Security News > 2023 > August > Google Introduces First Quantum Resilient FIDO2 Security Key Implementation
Google on Tuesday announced the first quantum resilient FIDO2 security key implementation as part of its OpenSK security keys initiative.
"This open-source hardware optimized implementation uses a novel ECC/Dilithium hybrid signature schema that benefits from the security of ECC against standard attacks and Dilithium's resilience against quantum attacks," Elie Bursztein and Fabian Kaczmarczyck said.
OpenSK is an open-source implementation for security keys written in Rust that supports both FIDO U2F and FIDO2 standards.
"Fortunately, with the recent standardization of public key quantum resilient cryptography including the Dilithium algorithm, we now have a clear path to secure security keys against quantum attacks," the search giant said.
Similar to how Chrome's hybrid mechanism - which is a combination of X25519 and Kyber-768 - Google's proposed FIDO2 security key implementation is a mix of Elliptic Curve Digital Signature Algorithm and the recently standardized quantum resistant signature algorithm, Dilithium.
The company said it is "Hoping to see this implementation, being standardized as part of the FIDO2 key specification and supported by major web browsers so that users' credentials can be protected against quantum attacks."
News URL
https://thehackernews.com/2023/08/google-introduces-first-quantum.html
Related news
- Google Chrome gets a mind of its own for some security fixes (source)
- eBook: Navigating compliance with a security-first approach (source)
- Google Chrome Switches to ML-KEM for Post-Quantum Cryptography Defense (source)
- Google Adds New Pixel Security Features to Block 2G Exploits and Baseband Attacks (source)
- Cultivating a security-first mindset: Key leadership actions (source)