QKD-KEM: Hybrid QKD Integration into TLS with OpenSSL Providers
- URL: http://arxiv.org/abs/2503.07196v1
- Date: Mon, 10 Mar 2025 11:24:38 GMT
- Title: QKD-KEM: Hybrid QKD Integration into TLS with OpenSSL Providers
- Authors: Javier Blanco-Romero, Pedro Otero García, Daniel Sobral-Blanco, Florina Almenares Mendoza, Ana Fernández Vilas, Rebeca P. Díaz-Redondo
- Abstract summary: We propose a hybrid QKD-KEM protocol with two distinct integration approaches: a client-initiated flow compatible with both ETSI 004 and 014 specifications, and a server-initiated flow similar to existing work but limited to stateless ETSI 014 APIs.
- License: http://creativecommons.org/licenses/by/4.0/
- Abstract: Quantum Key Distribution (QKD) promises information-theoretic security, yet integrating QKD into existing protocols like TLS remains challenging due to its fundamentally different operational model. In this paper, we propose a hybrid QKD-KEM protocol with two distinct integration approaches: a client-initiated flow compatible with both ETSI 004 and 014 specifications, and a server-initiated flow similar to existing work but limited to stateless ETSI 014 APIs. Unlike previous implementations, our work specifically addresses the integration of stateful QKD key exchange protocols (ETSI 004) which is essential for production QKD networks but has remained largely unexplored. By adapting OpenSSL's provider infrastructure to accommodate QKD's pre-distributed key model, we maintain compatibility with current TLS implementations while offering dual layers of security. Performance evaluations demonstrate the feasibility of our hybrid scheme with acceptable overhead, showing that robust security against quantum threats is achievable while addressing the unique requirements of different QKD API specifications.
Related papers
- Hybrid Quantum Security for IPsec [1.8637078358591843]
This paper presents the first systematic comparison of sequential versus parallel hybrid QKD-PQC key establishment strategies for IPsec. We introduce two novel approaches for incorporating QKD into Internet Key Exchange version 2 (IKEv2) with support for both ETSI GS QKD 004 stateful and ETSI GS QKD 014 stateless API specifications. Our key insight is that parallel hybrid approaches eliminate the multiplicative latency penalties inherent in sequential methods mandated by RFC 9370.
arXiv Detail & Related papers (2025-07-12T13:54:04Z) - Hybrid Implementation for Untrusted-node-based Quantum Key Distribution Network [16.242325482656927]
Quantum key distribution (QKD) serves as a cornerstone of secure quantum communication. We present a hybrid system that seamlessly integrates TF-QKD and MDI-QKD into one untrusted-node-based architecture. Experiments demonstrate secure finite-size key rates for sending-or-not-sending QKD and MDI-QKD over fiber distances of 150 to 431 km.
arXiv Detail & Related papers (2025-03-07T02:27:41Z) - Application of $\alpha$-order Information Metrics for Secure Communication in Quantum Physical Layer Design [45.41082277680607]
We study the $\alpha$-order information-theoretic metrics based on Rényi entropy.
We apply our framework to a practical scenario involving BPSK modulation over a lossy bosonic channel.
arXiv Detail & Related papers (2025-02-07T03:44:11Z) - High-Fidelity Coherent-One-Way QKD Simulation Framework for 6G Networks: Bridging Theory and Reality [105.73011353120471]
Quantum key distribution (QKD) has emerged as a promising solution for guaranteeing information-theoretic security. Due to the considerable cost of QKD equipment, a lack of QKD communication system design tools is challenging. This paper introduces a QKD communication system design tool.
arXiv Detail & Related papers (2025-01-21T11:03:59Z) - Secure Multi-Party Biometric Verification using QKD assisted Quantum Oblivious Transfer [34.46964288961048]
We present a practical implementation of a secure multiparty computation application enabled by quantum oblivious transfer (QOT). The QOT protocol uses polarization-encoded entangled states to share oblivious keys between two parties with quantum key distribution (QKD) providing authentication. A practical use case is demonstrated for privacy-preserving fingerprint matching against no-fly lists from Interpol and the United Nations.
arXiv Detail & Related papers (2025-01-09T15:51:30Z) - Practical hybrid PQC-QKD protocols with enhanced security and performance [44.8840598334124]
We develop hybrid protocols by which QKD and PQC inter-operate within a joint quantum-classical network.
In particular, we consider different hybrid designs that may offer enhanced speed and/or security over the individual performance of either approach.
arXiv Detail & Related papers (2024-11-02T00:02:01Z) - Quantum-Secured Data Centre Interconnect in a field environment [38.4938584033229]
Quantum key distribution (QKD) is an established quantum technology at a high readiness level.
In this article, we present the successful implementation of a QKD field trial within a commercial data centre environment.
The achieved average secret key rate of 2.392 kbps and an average quantum bit error rate of less than 2% demonstrate the commercial feasibility of QKD in real-world scenarios.
arXiv Detail & Related papers (2024-10-14T08:05:25Z) - The Road to Near-Capacity CV-QKD Reconciliation: An FEC-Agnostic Design [53.67135680812675]
A new codeword-based QKD reconciliation scheme is proposed.
Both the authenticated classical channel (ClC) and the quantum channel (QuC) are protected by separate forward error correction (FEC) coding schemes.
The proposed system makes QKD reconciliation compatible with a wide range of FEC schemes.
arXiv Detail & Related papers (2024-03-24T14:47:08Z) - Practical quantum secure direct communication with squeezed states [55.41644538483948]
We report the first table-top experimental demonstration of a CV-QSDC system and assess its security.
This realization paves the way into future threat-less quantum metropolitan networks, compatible with coexisting advanced wavelength division multiplexing (WDM) systems.
arXiv Detail & Related papers (2023-06-25T19:23:42Z) - Improved coherent one-way quantum key distribution for high-loss channels [0.0]
We present a simple variant of COW-QKD and prove its security in the infinite-key limit.
Remarkably, the resulting key rate of our protocol is comparable with both the existing upper-bound on COW-QKD key rate and the secure key rate of the coherent-state BB84 protocol.
arXiv Detail & Related papers (2022-06-17T00:07:03Z) - Practical continuous-variable quantum key distribution with composable security [1.3255208832359193]
Continuous-variable (CV) QKD based on coherent states, despite being a suitable candidate for integration in the telecom infrastructure, has so far been unable to demonstrate composability.
We report the first Gaussian-modulated coherent state CVQKD system that is able to overcome these challenges and can generate composable keys secure against collective attacks with $N \lesssim 3.5\times10^{8}$ coherent states.
arXiv Detail & Related papers (2021-10-18T13:01:45Z) - High-dimensional coherent one-way quantum key distribution [0.0]
High-dimensional quantum key distribution (QKD) offers secure communication, with secure key rates that surpass those achievable by QKD protocols.
Existing high-dimensional QKD protocols require additional experimental resources, such as multiport interferometers and multiple detectors.
We present and analyze a novel protocol for arbitrary-dimensional QKD, that requires only the hardware of a standard two-dimensional system.
arXiv Detail & Related papers (2021-05-11T01:06:36Z)