PQCMC: Post-Quantum Cryptography McEliece-Chen Implicit Certificate Scheme

TL;DR

This paper introduces PQCMC, a post-quantum cryptography scheme based on McEliece-Chen, to issue implicit certificates resistant to quantum attacks, with improved efficiency and security validation.

Contribution

It proposes a novel PQC-based implicit certificate scheme using McEliece-Chen, with mathematical validation and performance evaluation against quantum threats.

Findings

PQCMC reduces computation time for issuing certificates.

The scheme effectively links implicit certificates to the same entity.

Security analysis confirms resistance to quantum attacks.

Abstract

In recent years, the elliptic curve Qu-Vanstone (ECQV) implicit certificate scheme has found application in security credential management systems (SCMS) and secure vehicle-to-everything (V2X) communication to issue pseudonymous certificates. However, the vulnerability of elliptic-curve cryptography (ECC) to polynomial-time attacks posed by quantum computing raises concerns. In order to enhance resistance against quantum computing threats, various post-quantum cryptography methods have been adopted as standard (e.g. Dilithium) or candidate standard methods (e.g. McEliece cryptography), but state of the art has proven to be challenging to implement implicit certificates using lattice-based cryptography methods. Therefore, this study proposes a post-quantum cryptography McEliece-Chen (PQCMC) based on an efficient random invertible matrix generation method to issue pseudonymous certificates with less computation time. The study provides mathematical models to validate the key expansion process for implicit certificates. Furthermore, comprehensive security evaluations and discussions are conducted to demonstrate that distinct implicit certificates can be linked to the same end entity. In experiments, a comparison is conducted between the certificate length and computation time to evaluate the performance of the proposed PQCMC. This study demonstrates the viability of the implicit certificate scheme based on PQC as a means of countering quantum computing threats.