Challenges and Strategies for the Inclusion of Post-Quantum Algorithms in ICP-Brasil

  • Arthur G. C. Milanez UFSC
  • Victor L. de Souza UFSC
  • Giovani Pieri UFSC
  • Jean Martina UFSC
DOI: https://doi.org/10.5753/sbseg_estendido.2025.14942

Abstract


The article discusses the challenges and strategies for adapting certificate management software used in ICP-Brasil to post-quantum cryptography, in light of the threat posed by quantum algorithms such as Shor’s, which compromise the security of current systems. It presents a practical study on updating the Certificate Management System (SGC) to support post-quantum algorithms, highlighting regulatory difficulties. The work details the project phases, from research and training to integration and testing with HSMs. Finally, it underscores the importance of crypto agility and the need for interoperability tests and studies on smartcards to ensure the secure continuity of ICP-Brasil in the post-quantum scenario.

References

Brasil (2001). Medida provisória nº 2200-2, de 24 de agosto de 2001. Diário Oficial [da] República Federativa do Brasil.

Brasil (2020). Lei nº 14063/2020, de 23 de setembro de 2020. Diário Oficial [da] República Federativa do Brasil.

Housley, R., Polk, W., Turner, S., and Polk, T. (2008). Internet X.509 Public Key Infrastructure Certificate and Certificate Revocation List (CRL) Profile. RFC 5280. Internet Engineering Task Force (IETF).

Instituto Nacional de Tecnologia da Informação (2024). gov.br. [link]. [Accessed 14-07-2025].

Moody, D., Perlner, R., Regenscheid, A., Robinson, A., and Cooper, D. (2024). Transition to post-quantum cryptography standards. Technical report, National Institute of Standards and Technology.

Nelson, D. B. (2011). Crypto-Agility Requirements for Remote Authentication Dial-In User Service (RADIUS). RFC 6421.

NIST (2024a). Module-lattice-based digital signature standard. DOI: 10.6028/NIST.FIPS.204. [Accessed 14-07-2025].

NIST (2024b). Module-lattice-based key-encapsulation mechanism standard. DOI: 10.6028/NIST.FIPS.203. [Accessed 14-07-2025].

NIST (2024c). Stateless hash-based digital signature standard. DOI: 10.6028/NIST.FIPS.205. [Accessed 14-07-2025].

Shor, P. (1994). Algorithms for quantum computation: discrete logarithms and factoring. In Proceedings 35th Annual Symposium on Foundations of Computer Science, pages 124–134.

tiinside.com.br (2007). ITI launches new phase of crypto platform — ti- inside.com.br. [link]. [Accessed 14-07-2025].

Vakarjuk, J., Snetkov, N., and Laud, P. (2024). Identifying obstacles of pqc migration in e-estonia. In 2024 16th International Conference on Cyber Conflict: Over the Horizon (CyCon), pages 63–81.

Weise, J. (2001). Public key infrastructure overview. Sun BluePrints OnLine, August, pages 1–27.
Published
2025-09-01
How to Cite

Select a Format
MILANEZ, Arthur G. C.; SOUZA, Victor L. de; PIERI, Giovani; MARTINA, Jean. Challenges and Strategies for the Inclusion of Post-Quantum Algorithms in ICP-Brasil. In: QUANTUM CYBERSECURITY WORKSHOP: THEORY, TECHNOLOGIES, AND APPLICATIONS - BRAZILIAN SYMPOSIUM ON CYBERSECURITY (SBSEG), 25. , 2025, Foz do Iguaçu/PR. Anais [...]. Porto Alegre: Sociedade Brasileira de Computação, 2025 . p. 366-372. DOI: https://doi.org/10.5753/sbseg_estendido.2025.14942.