Logo
ScienceStack
Table of Contents
Fetching ...
Sign In

Practical hybrid PQC-QKD protocols with enhanced security and performance

Pei Zeng, Debayan Bandyopadhyay, José A. Méndez Méndez, Nolan Bitner, Alexander Kolar, Michael T. Solomon, Ziyu Ye, Filip Rozpędek, Tian Zhong, F. Joseph Heremans, David D. Awschalom, Liang Jiang, Junyu Liu

TL;DR

This work develops hybrid protocols by which QKD and PQC inter-operate within a joint quantum-classical network, which paves the way for joint quantum-classical communication networks, which leverage the advantages of both QKD and PQC and can be tailored to the requirements of various practical networks.

Abstract

Quantum resistance is vital for emerging cryptographic systems as quantum technologies continue to advance towards large-scale, fault-tolerant quantum computers. Resistance may be offered by quantum key distribution (QKD), which provides information-theoretic security using quantum states of photons, but may be limited by transmission loss at long distances. An alternative approach uses classical means and is conjectured to be resistant to quantum attacks, so-called post-quantum cryptography (PQC), but it is yet to be rigorously proven, and its current implementations are computationally expensive. To overcome the security and performance challenges present in each, here we develop hybrid protocols by which QKD and PQC inter-operate within a joint quantum-classical network. In particular, we consider different hybrid designs that may offer enhanced speed and/or security over the individual performance of either approach. Furthermore, we present a method for analyzing the security of hybrid protocols in key distribution networks. Our hybrid approach paves the way for joint quantum-classical communication networks, which leverage the advantages of both QKD and PQC and can be tailored to the requirements of various practical networks.

Practical hybrid PQC-QKD protocols with enhanced security and performance

TL;DR

This work develops hybrid protocols by which QKD and PQC inter-operate within a joint quantum-classical network, which paves the way for joint quantum-classical communication networks, which leverage the advantages of both QKD and PQC and can be tailored to the requirements of various practical networks.

Abstract

Quantum resistance is vital for emerging cryptographic systems as quantum technologies continue to advance towards large-scale, fault-tolerant quantum computers. Resistance may be offered by quantum key distribution (QKD), which provides information-theoretic security using quantum states of photons, but may be limited by transmission loss at long distances. An alternative approach uses classical means and is conjectured to be resistant to quantum attacks, so-called post-quantum cryptography (PQC), but it is yet to be rigorously proven, and its current implementations are computationally expensive. To overcome the security and performance challenges present in each, here we develop hybrid protocols by which QKD and PQC inter-operate within a joint quantum-classical network. In particular, we consider different hybrid designs that may offer enhanced speed and/or security over the individual performance of either approach. Furthermore, we present a method for analyzing the security of hybrid protocols in key distribution networks. Our hybrid approach paves the way for joint quantum-classical communication networks, which leverage the advantages of both QKD and PQC and can be tailored to the requirements of various practical networks.

Paper Structure

This paper contains 2 equations, 3 figures.

Figures (3)

  • Figure 1: Illustration of two symmetric key distribution protocols used in our framework. (a) Prepare-and-measure quantum key distribution (QKD) protocols. (b) Key-encapsulation mechanism based on a post-quantum cryptography (PQC) system.
  • Figure 2: (a) Performance comparison of different symmetric key distribution protocols with respect to communication distance. (b) Design of a series-connection protocol where the end-user performance is higher than the bare usage of KEM or QKD without relay nodes. An example of the performance of this protocol for QKD links of length 10 km is plotted as a dashed green line in panel a.
  • Figure 3: Parallel key distribution protocols. (a) Simple XOR protocol. Symmetric keys $k_1$ and $k_2$ generated via KEM and QKD respectively are combined into $k = k_1 \oplus k_2$. (b) Secret-sharing-based protocol. Alice encodes a random message $m$ to multiple shares $s_i$ with a secret sharing (SS) scheme, then distribute the shares by different links with Bob. They keep the final message $m$ as the secret key bits.