We present the first experimental network prototype that relies on both quantum key distribution (QKD) and a post-quantum key encapsulation mechanism for security against Shor’s algorithm. By building a combined cryptographic ecosystem, we circumvent the limitations that would be present if each solution were to be used in isolation, and ensure full compatibility between quantum networks and legacy infrastructure. We introduce lesser-trusted nodes, that extend the range of QKD using the same techniques as a trusted-node architecture, but which contain an extra layer of computational security to protect against compromised intermediaries. Finally, the speed advantage of QKD over post-quantum alternatives is quantified as part of a system for secure entropy backups. Options are introduced that, depending on security requirements, allow users to either encrypt with post-quantum-distributed keys directly or perform a quantum-secure conversion by using them as the initial shared secret in QKD. Together, these developments are the first step towards fully integrating QKD with other cryptographic primitives. This is an essential transition that must be made if QKD is ever to achieve widespread deployment in the real world.
|Publication status||Published - 2 Apr 2019|
|Event||BQIT:19 - |
Duration: 1 Apr 2019 → 3 Apr 2019
|Period||1/04/19 → 3/04/19|