On the Security of Offloading Post-Processing for Quantum Key Distribution

TL;DR

This paper explores secure methods for offloading computationally intensive post-processing tasks in quantum key distribution to untrusted hardware, analyzing the feasibility for different QKD types and proposing multi-server protocols.

Contribution

It introduces secure offloading techniques for QKD post-processing, highlighting their applicability to discrete-variable QKD and limitations for continuous-variable QKD.

Findings

Error correction can be securely offloaded for discrete-variable QKD.

The method does not extend to long-distance continuous-variable QKD.

Multi-server protocols can be used for error correction and privacy amplification.

Abstract

Quantum key distribution (QKD) has been researched for almost four decades and is currently making its way to commercial applications. However, deployment of the technology at scale is challenging, because of the very particular nature of QKD and its physical limitations. Among others, QKD is computationally intensive in the post-processing phase and devices are therefore complex and power hungry, which leads to problems in certain application scenarios. In this work we study the possibility to offload computationally intensive parts in the QKD post-processing stack in a secure way to untrusted hardware. We show how error correction can be securely offloaded for discrete-variable QKD to a single untrusted server and that the same method cannot be used for long distance continuous-variable QKD. Furthermore, we analyze possibilities for multi-server protocols to be used for error correction and privacy amplification. Even in cases where it is not possible to offload to an external server, being able to delegate computation to untrusted hardware components on the device could improve the cost and certification effort for device manufacturers.