A Quantitative Method for Evaluating Security Boundaries in Quantum Key Distribution Combined with Block Ciphers

TL;DR

This paper introduces a quantitative method to evaluate the security benefits of combining Quantum Key Distribution with block ciphers, focusing on key renewal periods and their impact on cryptographic security.

Contribution

It proposes a novel quantitative evaluation approach for security strength in QKD and block cipher systems, emphasizing key renewal strategies and their security implications.

Findings

Rekeying k times adds log2(k) to 2log2(k) bits of security.

The method provides a precise measure of security benefits in hybrid QKD-block cipher systems.

Balancing security and efficiency is achievable through optimized key renewal periods.

Abstract

With the rapid development of quantum computing, classical cryptography systems are increasingly vulnerable to security threats, thereby highlighting the urgency of constructing architectures that are resilient to quantum computing attacks. While Quantum Key Distribution (QKD) offers security with information-theoretic guarantees, its relatively low key generation rate necessitates integration with classical cryptographic techniques, particularly block ciphers such as AES and SM4, to facilitate practical applications. However, when a single QKD-key is employed to encrypt multiple data blocks, the reduction in cryptographic security strength has not yet been quantitatively analyzed. In this work, we focus on the security strength in the application scenario where QKD is combined with block ciphers. We propose a quantitative evaluation method for the security benefits of the QKD-key renewal period, aiming to provide a precise measure of the cryptographic security strength in such hybrid systems. Our method is based on concrete security paradigm of block cipher modes of operation. We demonstrate that under practical security level requirements, for files consisting of specific blocks, rekeying k times can provide an additional log2(k) to 2log2(k) bits of security. Our research offers a novel perspective on balancing the security and efficiency of QKD-based encryption.