Google paves way for FIDO2 security keys that can resist quantum computer attacks

    Published on:

    FIDO2 security keys (YubiKey 5C NFC) offer a high level of protection, but better security is needed to defend against quantum computer attacks

    Adrian Kingsley Hughes/ZDNET

    Security keys are great stuff, so if you don’t already have some, I recommend this one you get a couple.

    Not familiar? A security key is a small dongle that connects to your computer or smartphone and replaces insecure SMS messages for account verification.

    If you’re asked to authenticate when logging into your account, instead of reaching for your phone to add a code from a text message, just tap your security key to log in.

    Also, this is the ultimate security key.Here’s why you need

    These are the best things that have happened to online security since password managers.

    But as quantum computers move into an era where they can handle workloads considered impossible today, security must also work to keep up with the dramatic increases in computing power that come with it.

    “Quantum attacks are still far off in the future, but deploying encryption at internet scale is a big undertaking, so it’s important to deploy it as early as possible,” said Ellie Verstein, Director of Cybersecurity and AI Research. Software engineer Fabian Kazmarczyk writes: Google Security Blog.

    “Especially for security keys, this process is important because once FIDO standardizes post-quantum resilient cryptography and this new standard is supported by major browser vendors, users will need to obtain new keys. is expected to be phased in.”

    Related article: 3 security gadgets I always carry with me

    How does Google protect security keys from the power of quantum computing?

    “Fortunately, Recent standardization of public-key quantum fault-tolerant cryptography dilithium algorithmWe now have a clear path to protect security keys from quantum attacks. ”

    One of the challenges is making all of this work with the very few hardware resources available with security keys. According to Google, they have optimized the code to run in as little as 20KB of memory, and have taken advantage of hardware acceleration to ensure a smooth user experience.

    Google expects this quantum computing resilience to be added to the FIDO2 core specification and supported by major web browsers in the near future.

    Also: Best Security Keys Right Now: Tested by Experts

    of blog post We will explain in more detail how this is achieved.

    In the meantime, we encourage you to protect yourself here and now with security keys. I recommend YubiKey 5C NFCwhich uses USB-C to act as a plug-in key and also uses NFC on iPhone and Android devices that support it.


    ZDNET recommendations

    YubiKey 5C NFC

    It’s the best thing that’s happened to online security since a password manager.


    Leave a Reply

    Please enter your comment!
    Please enter your name here