In this talk, I will propose and investigate a migration strategy towards post-quantum PKI authentication. Our strategy is based on the concept of “mixed certificate chains” that use different signature algorithms within the same certificate chain. In order to demonstrate the feasibility of our migration strategy, we combine the well-studied and trusted hash-based signature schemes SPHINCS+ and XMSS with elliptic curve cryptography first and subsequently with lattice-based PQC signature schemes (Dilithium and Falcon).
Sebastian Paul - Post-Quantum Cryptography Security Research Engineer at Bosch
