X.509 Information Security Certification Based on Post-Quantum Cryptography

TL;DR

This paper investigates the integration of post-quantum cryptography into X.509 certificates, comparing traditional and PQC methods to address quantum threats in PKI systems.

Contribution

It provides a comparative analysis of classical and post-quantum cryptographic algorithms for X.509 certificates and proposes practical PQC-based solutions.

Findings

PQC algorithms like Falcon, Dilithium, and SPHINCS+ show promising efficiency.

Traditional RSA and ECDSA are vulnerable to quantum attacks.

Recommended PQC solutions enhance security for future PKI systems.

Abstract

In recent years, with the advancement of quantum computing, mainstream asymmetric cryptographic methods in the current Public Key Infrastructure (PKI) systems are gradually being threatened. Therefore, this study explores X.509 security certificates based on Post-Quantum Cryptography (PQC) and discusses implemented solutions. This study compares mainstream asymmetric cryptographic methods (including RSA and Elliptic Curve Digital Signature Algorithm (ECDSA)) with standard PQC methods (including Falcon, Dilithium, SPHINCS+), comparing the efficiency of certificate generation, signature generation, and signature verification. Finally, recommendations for a solution based on PQC for X.509 security certificates are proposed.