Send the Key in Cleartext: Halving Key Consumption while Preserving Unconditional Security in QKD Authentication

TL;DR

This paper introduces an authentication scheme for QKD that halves key consumption by using a response-based approach with universal composability security guarantees.

Contribution

It presents a novel ITS authentication scheme that reduces key consumption to one per round, improving efficiency over existing methods.

Findings

Halves key consumption compared to previous schemes.

Achieves unconditional security within the UC framework.

Uses $oldsymbol{ ext{ extit{ extvarepsilon}-ASU}_2}$ functions for authentication.

Abstract

Quantum Key Distribution (QKD) protocols require Information-Theoretically Secure (ITS) authentication of the classical channel to preserve the unconditional security of the distilled key. Standard ITS schemes are based on one-time keys: once a key is used to authenticate a message, it must be discarded. Since QKD requires mutual authentication, two independent one-time keys are typically consumed per round, imposing a non-trivial overhead on the net secure key rate. In this work, we present the authentication-with-response scheme, a novel ITS authentication scheme based on $\varepsilon$-Almost Strongly Universal$_2$ ($\varepsilon$-ASU$_2$) functions, whose IT security can be established in the Universal Composability (UC) framework. The scheme achieves mutual authentication consuming a single one-time key per QKD round, halving key consumption compared to the state-of-the-art.