A Scalable Framework for Post-Quantum Authentication in Public Key Infrastructures
Abstract
This work explores the performance and scalability of a hierarchical certificate authority framework with automated certificate issuance employing post-quantum cryptographic (PQC) signature algorithms. The system is designed for compatibility with both classical and PQC algorithms, promoting crypto-agility while ensuring robust security against quantum-based threats. The proposed framework design expects minimal cryptographic requirements from potential clients, protects certificates of high importance against cross-dependent chains-of-trust and allows for prompt switching between classical and PQC algorithms. Finally, we evaluate SPHINCS, Falcon, and Dilithium variants in various configurations of certificate issuance and verification accommodating a large client base, underlining the trade-offs in balancing performance, scalability, and security.
Cite
@article{arxiv.2504.12062,
title = {A Scalable Framework for Post-Quantum Authentication in Public Key Infrastructures},
author = {Antonia Tsili and Konstantinos Kordolaimis and Konstantinos Krilakis and Dimitris Syvridis},
journal= {arXiv preprint arXiv:2504.12062},
year = {2025}
}
Comments
To appear in the proceedings of the 2025 International Conference on Quantum Communications, Networking, and Computing (QCNC)