On PQ/T Hybrid Verifiable Credentials and Presentations to Build Trust in IoT Systems

Post Quantum Cryptography (PQC) is relatively new and has yet to stand the test of time. Therefore, one of the challenges of the transition to PQC is to design protocols that can withstand this revolution without losing the level of security provided by the use of traditional quantum-vulnerable algorithms. Among the vast number of protocols and frameworks that require transition, the digital identity is one of the most important, especially in the case of Internet of Things (IoT) systems. Self-Sovereign Identity (SSI) is a decentralized model to build and to prove the identity with full control over the data. This paper presents for the first time the design of a Post-Quantum/Traditional (PQ/T) hybrid SSI framework. The enabling component of the hybrid framework is the novel design of PQ/T hybrid verifiable credential and presentation, featuring a PQ/T combined proof with backward compatibility. The paper concludes with a complete design and a performance estimation on a well-resourced IoT node.