Interactive workshop by TNO and Zynyo at Post-Quantum Cryptography Conference

December 9, 2025

During the conference on post-quantum cryptography in Kuala Lumpur in October 2025, Sven Konings (Zynyo), Stefan van den Berg, and Alessandro Amadori (TNO) immersed participants in the world of quantum-safe cryptography. In a dynamic workshop, participants discovered how they can combine existing cryptographic methods with future-proof, quantum-safe techniques.

From theory to practice

With a maximum of 20 participants per workshop, the topics of post-quantum cryptography, hybrid certificates, digital signatures, and validation processes were explored in depth. Participants also had the opportunity to try their hand at these topics themselves. Through challenging assignments, they experienced how signing and validating digital signatures works in practice.

Hybrid certificates: the bridge between old and new

After a brief introduction, Stefan van den Berg explained how hybrid certificates for digital signatures work. These certificates allow you to incorporate two algorithms into a single certificate. This is useful because sometimes an algorithm needs to be replaced, but not all devices understand the new algorithm yet. By using two algorithms, older devices can check the old algorithm, while newer devices can check both.

Stefan van den Berg (TNO) demonstrates the difference between a classic key and a post-quantum key.

Stefan van den Berg (TNO) demonstrates the difference between a classic key and a post-quantum key. The latter is many times larger. This can cause problems for storage, key exchange, and speed.

Advantages of hybrid certificates

The use of hybrid certificates makes it easier to introduce new algorithms, such as one that is resistant to attacks from quantum computers. Another advantage is that new algorithms have not always been proven yet. By using both, the guarantees of the old algorithm are retained.

Variants of hybrid certificates

There are three types of hybrid certificates: composite, catalyst, and chameleon.
• Composite: two algorithms combined in one key
• Catalyst: the second algorithm in the extensions
• Chameleon: a second certificate (delta certificate) containing the second algorithm in the extensions

Puzzling for a certificate

The participants were divided into three teams, each with a challenge: putting together a digital certificate. Each puzzle piece represented a crucial part of the certificate. Just like with a real puzzle, everything had to be in exactly the right place and in the right order. With some strategic discussion, creative shuffling, and the necessary humor, all teams managed to solve the puzzle. It was a fun, hands-on way to experience how certificates actually work.

Workshop participants create a hybrid certificate by putting different fields together like puzzle pieces.

Workshop participants create a hybrid certificate by putting different fields together like puzzle pieces.

How can a certificate be trusted?

Stefan explained that certificates are signed with another certificate. This allows us to determine whether the certificate comes from a reliable source. A chain is created that can be traced back to a root certificate. The latter signs itself. There is an official list of reliable root certificates. Only certificates signed by such a root can be trusted.

Signing process for hybrid certificates

With hybrid certificates, we have two algorithms, which means that the signing process is different from that for 'regular' certificates. The process differs per variant:
• Catalyst: first, the extension (the second algorithm) signs the certificate, then the first algorithm signs the entire certificate
• Composite: both algorithms sign the certificate separately, which is then combined into a single signature
• Chameleon: first, the delta certificate is signed and placed in the extension, then the certificate is signed with the first algorithm

Colorful simulation of the signing process

The participants set to work simulating the signing process. Again in three groups, but each team was now given a different variant than last time. Each part of the certificate was assigned a color. A mapping (color chart) indicated that a bead with color A belonged with a bead with color B, and so on. By matching the colors assigned to the parts in the mapping and then placing the corresponding bead, the participants were able to sign the certificate. This highlighted the differences between the Catalyst, Composite, and Chameleon variants. An interactive and visual way to understand the signing process.

The beads, together with the mapping, symbolize the signing of a certificate.

The beads, together with the mapping, symbolize the signing of a certificate. A hybrid certificate contains two signatures. Here, the second one is created.

Participants assemble a hybrid certificate and add the signature.

A hybrid certificate assembled by the participants. Now the signature is added by means of the mapping (links) and the beads that symbolize the signature.

The reverse puzzle: validating a signature

Now the participants turned the puzzle around. By tracing the beads back through the mapping, the colors ended up at the certificate components to which they belonged. Were the colors correct? Then the signature was valid. The teams applied this to the variant they had not yet worked with. After some brainwork and a few aha moments, all groups successfully validated the signatures.

Signing PDF with hybrid certificate

To conclude, Sven explained how signing a PDF works when using a hybrid certificate. Using an interactive demo web app, participants were able to sign a PDF themselves with a hybrid certificate and then check whether the signature was valid. Digital Signature Services (DSS) is an EU software library to which Zynyo has added hybrid certificates and compared them with each other, including in terms of performance. We did this as part of the HAPKIDO project, which is developing a roadmap for the transition to a quantum-safe PKI. The HAPKIDO project is also mentioned on the government's webpage about quantum-safe cryptography.

See you next year!

After a lively question and answer session, the participants concluded the workshop. Inspired and with new insights, they are now looking forward to other workshops. Zynyo will also be present at the Post-Quantum Cryptography Conference in 2026, which will be held in Munich. Together with partners such as TNO, we want to organize another inspiring workshop. We hope to see you there!

Stefan van den Berg (TNO), Michiel Marcus (TNO), Sven Konings (ZYNYO), and Alessandro Amadori (TNO)

From left to right: Stefan van den Berg (TNO), Michiel Marcus (TNO), Sven Konings (ZYNYO), and Alessandro Amadori (TNO)