FB pixel

FIDO Alliance ensures long-term value of its specifications in post quantum era

Categories Biometric R&D  |  Biometrics News
FIDO Alliance ensures long-term value of its specifications in post quantum era
 

Cryptography plays a fundamental role in securing data within computer systems, particularly those involving biometric technologies. It ensures that confidentiality, integrity and authenticity of sensitive data, whether it’s processed locally at the edge or sent to cloud servers for further analysis and storage.

However, with the introduction of quantum computing, which has rapidly advanced in computational capabilities, present a significant threat to these cryptographic methods. Large-scale quantum computers have the potential to break several established cryptographic algorithms, including RSA and ECC, by solving the complex mathematical problems upon which their security relies.

In response to the threats, the cryptographic community and various organizations are actively developing post-quantum cryptographic (PQC) algorithms. These algorithms are designed to withstand quantum computing attacks, offering a replacement for existing algorithms and ensuring continued security in the quantum era.

In a parallel effort, the FIDO Alliance is working to address the impact of quantum computing on its specifications, aiming to preserve the long-term value efficacy of products and services built on these specifications. The specifications are expected to rely on standards developed by other organizations such as NIST and ISO, which are monitoring the process of PQC algorithms and their implications for existing specifications.

FIDO Alliance has outlined a strategy for integrating post-quantum cryptography into its standards. The Alliance aims to facilitate a smooth transition from current cryotpgraphic algorithms to post-quantum croyptographic algorithms. Despite the fact that the timeline for availability of quantum computers capable of breaking a classical cryptographic algorithm is debatable, but experts believe this can happen within 10 years. However, FIDO Alliance believes that the migration of security strategies take time, and a post-quantum strategy for migration is necessary.

As part of its strategy, the Alliance will monitor the development of various PQC algorithms, including lattice-based systems, coding-based systems, supersingular isogenies, and hash-based signatures. They acknowledge that not every PQC algorithms will be compatible with their specifications, and they plan to assess the recommendations of security agencies such as NIST to determine the effectiveness for integration into FIDO standards.

The FIDO Alliance also intends to form working groups tasked with understanding the implications of transitioning to PQC algorithms and crypto-agility. The crypto-agility here refers to the ability to manage multiple algorithms for the same function. These working groups will be charged with developing strategies for migration.

Furthermore, an additional objective of the FIDO Alliance for post-quantum cryptography is to provide guidance to its members and stakeholders as the development and standardization of PQC algorithms advnace.

Earlier this year, Prove Identity has joined the FIDO Alliance Board of Directors. Prove will be expected to contribute in developing future standards for authentication and identity authentication and identity attestation.

Article Topics

 |   |   |   |   | 

Latest Biometrics News

 

European AI compliance project CERTAIN launches

The pan-European project to create AI compliance tools CERTAIN has kicked off its work, with the goal of making European…

 

Signaturit Group acquiring Validated ID for undisclosed sum

Spain-based digital identity and electronic signature provider Validated ID is being acquired by Signaturit Group, a European company offering identity…

 

Social media ban for kids under 13 advances through US Senate committee

U.S. kids under 13 could soon be banned from accessing social media platforms, as an age assurance law makes its…

 

South Africa will invest in DPI, says President

South Africa is planning to invest in digital public infrastructure (DPI) , including the launch of a national digital identity…

 

Sri Lanka: ‘DPI is not just a buzzword’

A robust digital public infrastructure (DPI) framework is central to Sri Lanka’s ongoing digital transformation, while the country’s digital ID…

 

Idiap highlights biometrics research, open-source contributions for 2024

Idiap Research Institute has released its 2024 Scientific Report. Its research covers a wide range of digitally relevant topics, several…

Comments

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Most Viewed This Week

Featured Company

Biometrics Insight, Opinion

Digital ID In-Depth

Biometrics White Papers

Biometrics Events