Security News > 2023 > August > Google Introduces First Quantum Resilient FIDO2 Security Key Implementation
Google on Tuesday announced the first quantum resilient FIDO2 security key implementation as part of its OpenSK security keys initiative.
"This open-source hardware optimized implementation uses a novel ECC/Dilithium hybrid signature schema that benefits from the security of ECC against standard attacks and Dilithium's resilience against quantum attacks," Elie Bursztein and Fabian Kaczmarczyck said.
OpenSK is an open-source implementation for security keys written in Rust that supports both FIDO U2F and FIDO2 standards.
"Fortunately, with the recent standardization of public key quantum resilient cryptography including the Dilithium algorithm, we now have a clear path to secure security keys against quantum attacks," the search giant said.
Similar to how Chrome's hybrid mechanism - which is a combination of X25519 and Kyber-768 - Google's proposed FIDO2 security key implementation is a mix of Elliptic Curve Digital Signature Algorithm and the recently standardized quantum resistant signature algorithm, Dilithium.
The company said it is "Hoping to see this implementation, being standardized as part of the FIDO2 key specification and supported by major web browsers so that users' credentials can be protected against quantum attacks."
News URL
https://thehackernews.com/2023/08/google-introduces-first-quantum.html
Related news
- Google Cloud/Cloud Security Alliance Report: IT and Security Pros Are ‘Cautiously Optimistic’ About AI (source)
- New Google Workspace feature prevents sensitive security changes if two admins don’t approve them (source)
- Google Chrome: Security and UI Tips You Need to Know (source)
- Breakthrough in Quantum Cloud Computing Ensures its Security and Privacy (source)
- The first steps of establishing your cloud security strategy (source)
- Google Chrome's new post-quantum cryptography may break TLS connections (source)