2 min

Google has developed a Post-Quantum Cryptography (PQC) algorithm against quantum computing attacks on FIDO2 encryption. It’s known as a “hybrid PQC” algorithm.

The FIDO2 encryption standard is just about the most secure way to log in without a password. It uses a strong form of built-in two-factor authentication.

However, this encryption is under pressure with the rise of quantum computing. Experts expect that in the near future, hackers will use quantum computing technology to crack the strongest encryption technology, such as FIDO2.

PQC algorithms

Work is therefore currently underway on so-called Post-Quantum Cryptography or PQC. These are encryption algorithms that can withstand attacks using quantum computing technology.

Researchers at Google recently presented the first encryption algorithm that is resistant to quantum computing attacks. This algorithm is specifically suited for use in passkeys that form the basis for FIDO2.

Hybrid PQC technology

More specifically, Google specialists have developed a hybrid PQC algorithm for FIDO2 passkey in collaboration with the ETH University of Applied Sciences from Zurich, Switzerland.

The algorithm uses an “elliptic curve digital signature algorithm,” which may not be cracked by quantum computing, in combination with the PQC algorithm Crystals-Dilithium. The latter algorithm is one of three PQC algorithms that NIST selected for use in digital signatures.

The Dilithium algorithm should solve a number of problems, according to the tech giant. To crack them, hackers must first break both ECDSA as well as PQC encryption. In addition, the keys used are small compared to the current PQC algorithms in use. The Rust-based keys use only 20 kilobytes of memory.

The latter feature should ensure that the implementation speed of encryption signing is accelerated. Thus, the researchers believe that hardware acceleration can be used to eventually make the keys more responsive.

Part of FIDO2

Google hopes its new hybrid PQC algorithm will become part of the FIDO2 encryption specification by default and be supported by major Web browsers. In this way, users’ login credentials can be even better protected against quantum computing attacks.

Also read: What are Passkeys? Removing the human element from authentication