Extensible Post Quantum Cryptography Based Authentication

TL;DR

This paper presents a new quantum-safe authentication protocol that leverages lattice-based cryptography to enable secure, forward-secure machine-to-machine communication in potentially insecure environments, addressing future quantum threats.

Contribution

It introduces a novel single-shot quantum-safe authentication protocol specifically designed for constrained environments using lattice-based primitives.

Findings

Protocol operates over insecure channels

Enables forward-secure token establishment

Lays groundwork for quantum-resistant identity systems

Abstract

Cryptography underpins the security of modern digital infrastructure, from cloud services to health data. However, many widely deployed systems will become vulnerable after the advent of scalable quantum computing. Although quantum-safe cryptographic primitives have been developed, such as lattice-based digital signature algorithms (DSAs) and key encapsulation mechanisms (KEMs), their unique structural and performance characteristics make them unsuitable for existing protocols. In this work, we introduce a quantum-safe single-shot protocol for machine-to-machine authentication and authorization that is specifically designed to leverage the strengths of lattice-based DSAs and KEMs. Operating entirely over insecure channels, this protocol enables the forward-secure establishment of tokens in constrained environments. By demonstrating how new quantum-safe cryptographic primitives can be incorporated into secure systems, this study lays the groundwork for scalable, resilient, and future-proof identity infrastructures in a quantum-enabled world.