Next-Generation SPIFFE/SPIRE Identity Management Systems with Post-Quantum Cryptography Algorithms

Cardoso, Lucas C.; Marques, Marco A.; Barcha Correia, Pedro H.; Cochak, Henrique Z.; Miers, Charles C.; Simplicio, Marcos A., Jr.

Texto completo
Autor(es):	Cardoso, Lucas C. ; Marques, Marco A. ; Barcha Correia, Pedro H. ; Cochak, Henrique Z. ; Miers, Charles C. ; Simplicio, Marcos A., Jr. Número total de Autores: 6
Tipo de documento:	Artigo Científico
Fonte:	2025 IEEE 25TH INTERNATIONAL SYMPOSIUM ON CLUSTER, CLOUD AND INTERNET COMPUTING, CCGRID; v. N/A, p. 10-pg., 2025-01-01.
Resumo
Quantum transition reached a new level of importance since NIST standardized post-quantum cryptographic algorithms in late 2024. Consequently, several studies addressed the required changes in existing technologies and systems embracing post-quantum algorithms to face an imminent quantum threat. Cloud-based environments are no different, especially when assuring correct authentication and authorization. We address the usage of post-quantum primitives embedded in identity-management systems, a crucial entity inside distributed systems. Our proposal is based on SPIFFE / SPIRE, an open-source framework for secure identity production, integrating post-quantum and classical primitives in a hybrid manner. Moreover, we discuss using X.509 certificates as part of our infrastructure and their performance, combining different digital signature algorithms. (AU)

Processo FAPESP:	20/09850-0 - Centro de Pesquisa Aplicada em Inteligência Artificial: impulsionando a transformação das indústrias rumo ao padrão 5.0
Beneficiário:	Jefferson de Oliveira Gomes
Modalidade de apoio:	Auxílio à Pesquisa - Programa Centros de Pesquisa Aplicada

URL curto