Abstract
This paper presents a way to integrate a Post-Quantum Cryptography key exchange mechanism based on the encryption and signature algorithms currently being standardized by the National Institute of Standards and Technology into a Quantum Key Distribution platform. In contrast to Quantum Key Distribution, the security of Post-Quantum Cryptography is based on the mathematical complexity of the cryptographic algorithms. The unique feature of the presented solution is that the Post-Quantum Cryptography key exchange mimics a Quantum Key Distribution system. As implemented, the encryption keys are continuously exchanged between the nodes that are part of the OpenQKD testbed Berlin and then stored in a secure key store. The testbed’s key management can distinguish between Quantum Key Distribution and Post-Quantum Cryptography keys based on metadata information, allowing applications to select the appropriate key type. This architecture enables interoperability between the two technologies and may also provide a means to deliver quantum-secure keys to the end user by leveraging Post-Quantum Cryptography to secure the last mile.
This work is partly funded by the European Research and Innovation Program Horizon 2020 under the contract number 857156 (OpenQKD). Further details can be found at https://openqkd.eu.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Aura, T.: Strategies against replay attacks. In: Proceedings 10th Computer Security Foundations Workshop, pp. 59–68 (1997). https://doi.org/10.1109/CSFW.1997.596787
Biham, E., Boyer, M., Boykin, P.O., Mor, T., Roychowdhury, V.: A proof of the security of quantum key distribution. In: Proceedings of the Thirty-second Annual ACM Symposium on Theory of Computing, pp. 715–724 (2000)
Braun, R.P., Geitz, M., Döring, R., Ritter, M.: Berlin openqkd testbed evaluating quantum key distribution in provider networks (2022). in press
Castryck, W., Decru, T.: An efficient key recovery attack on SIDH (preliminary version). Cryptology ePrint Archive (2022)
Diamanti, E., Lo, H.K., Qi, B., Yuan, Z.: Practical challenges in quantum key distribution. npj Quantum Inf. 2(1), 1–12 (2016)
Döring, R., Geitz, M.: Post-quantum cryptography in use: empirical analysis of the TLS handshake performance. In: NOMS 2022-2022 IEEE/IFIP Network Operations and Management Symposium, pp. 1–5 (2022). https://doi.org/10.1109/NOMS54207.2022.9789913
Geitz, M., Döring, R., Braun, R.P.: Hybrid QKD and PQC protocols implemented in the berlin OpenQKD testbed (2022). in press
Huttner, B., et al.: Long-range QKD without trusted nodes is not possible with current technology. npj Quantum Inf. 8(1), 1–5 (2022)
Lamas-Linares, A., Kurtsiefer, C.: Breaking a quantum key distribution system through a timing side channel. Opt. Express 15(15), 9388–9393 (2007)
Leach, P., Mealling, M., Salz, R.: A universally unique identifier (uuid) urn namespace. Technical report (2005)
Moody, D.: Let’s get ready to rumble. the nist pqc “competition”. In: Proceedings of First PQC Standardization Conference, pp. 11–13 (2018)
Rivest, R.L., Shamir, A., Adleman, L.: A method for obtaining digital signatures and public-key cryptosystems. Commun. ACM 21(2), 120–126 (1978)
Shor, P.W.: Polynomial-time algorithms for prime factorization and discrete logarithms on a quantum computer. SIAM Rev. 41(2), 303–332 (1999)
Takeoka, M., Guha, S., Wilde, M.M.: Fundamental rate-loss tradeoff for optical quantum key distribution. Nat. Commun. 5(1), 1–7 (2014)
The Open Quantum Safe project: liboqs - an open source c library for quantum-safe cryptographic algorithms (2022). https://github.com/open-quantum-safe/liboqs. Accessed 1 Dec 2022
The Open Quantum Safe Project: Software for prototyping quantum-resistant cryptography (2022). https://openquantumsafe.org/. Accessed 1 Dec 2022
Ulitzsch, V., Seifert, J.P.: Breaking the quadratic barrier: Quantum cryptanalysis of milenage, telecommunications’ cryptographic backbone. Cryptology ePrint Archive (2022)
Yoshimizi, T., et al.: Quantum key distribution (QKD); protocol and data format of rest-based key delivery API (2019)
Acknowledgements
The authors would like to thank their OpenQKD partners for providing the necessary QKD, network, and user equipment and for assisting with the integration of the devices into the testbed. This includes 1,310 nm and 1,550 nm QKD systems from IDQuantique and Toshiba, 10 Gbps network encryptors from ADVA, and IPSec devices from Thales.
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2024 The Author(s), under exclusive license to Springer Nature Switzerland AG
About this paper
Cite this paper
Döring, R., Geitz, M., Braun, RP. (2024). Post-Quantum Cryptography Key Exchange to Extend a High-Security QKD Platform into the Mobile 5G/6G Networks. In: Femmam, S., Lorenz, P. (eds) Recent Advances in Communication Networks and Embedded Systems. ICCNT 2022. Lecture Notes on Data Engineering and Communications Technologies, vol 205. Springer, Cham. https://doi.org/10.1007/978-3-031-59619-3_13
Download citation
DOI: https://doi.org/10.1007/978-3-031-59619-3_13
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-031-59618-6
Online ISBN: 978-3-031-59619-3
eBook Packages: EngineeringEngineering (R0)