On Post-Quantum Cryptography Authentication for Quantum Key Distribution

TL;DR

This paper proposes a scalable authentication method for Quantum Key Distribution networks using Post-Quantum Cryptography, addressing the limitations of pre-shared keys in large networks.

Contribution

It introduces a PQC-based PKI approach for QKD authentication, enhancing scalability and quantum resistance over traditional methods.

Findings

PQC-based authentication enables scalable QKD network expansion.

The approach ensures information-theoretic security against quantum adversaries.

Compatibility with protocols like TLS demonstrates practical applicability.

Abstract

The traditional way for a Quantum Key Distribution (QKD) user to join a quantum network is by authenticating themselves using pre-shared key material. While this approach is sufficient for small-scale networks, it becomes impractical as the network grows, due to the total quadratic increase in the number of pre-shared keys required. To address this scalability issue, Public Key Infrastructure (PKI) combined with Post-Quantum Cryptography (PQC) offers a more scalable solution, allowing users to authenticate the QKD traffic remotely to obtain information-theoretical secure (ITS) keys under the presented assumptions. Unlike traditional PKI, which relies on classical cryptographic algorithms such as RSA, the approach presented in this paper leverages PQC algorithms that are believed to be resistant to quantum attacks. Similarly to the SIGMA or TLS protocols, authentication, confidentiality, and integrity are achievable against bounded adversaries to ensure secure and scalable quantum networks.