Post-Quantum Authentication Protocols for PIV Cards (Q22b)
As the transition to post-quantum cryptography (PQC) accelerates, security protocols must evolve to resist quantum threats while remaining practical, particularly on constrained devices where memory, bandwidth, and performance are limited. The speakers focus on NIST’s Personal Identity Verification (PIV) system, in which PIV cards use digital signatures for user authentication across multiple use-cases. Because post-quantum signatures introduce significant computational and memory overhead, and post-quantum Key Encapsulation Mechanisms (KEMs) are generally lighter, the speakers investigate an alternative design that replaces signatures with KEM for authentication. The speakers propose post-quantum variants of the PIV protocols, provide formal security proofs, and evaluate performance on embedded platforms. The speakers’ results show that, in relevant settings, KEM-based authentication reduces transmitted data size and speeds up execution, leading to improved end-to-end performance. This makes it a promising approach for post-quantum secure authentication on resource-constrained devices.