This implementation securely transfers cryptographic material from a Hardware Security Module (HSM) to a backup HSM over a Virtual Private Network (VPN) data link. Quantum Key Distribution (QKD) safeguards the transfer, adding an unbreakable encryption layer. This ensures redundancy in case of a primary site failure.
The use case expectations center on showcasing the seamless integration of Quantum Key Distribution (QKD) and the ETSI 014 protocol within conventional Virtual Private Networks (VPN) and encryption frameworks. This integration aims to leverage the principles of quantum physics to ensure both the confidentiality and the integrity of sensitive data. The demonstration seeks to highlight the synergistic relationship between advanced quantum cryptography and established encryption protocols, emphasizing their combined strength in safeguarding data transmission.
Moving into use case implementation, key material is securely stored in Hardware Security Modules to facilitate sensitive cryptographic operations. The link between two HSMs, used for High Availability (HA) partition synchronization/cloning, is fortified through a Quantum Key Distribution (QKD)-based VPN, ensuring enhanced protection against potential breaches. To illustrate these concepts, a Demo App will simulate typical IT cryptographic operations, such as signing key material through the PKCS#11 interface of the HSMs, providing a tangible example of the proposed implementation's functionality and security measures.
ABOUT QCI-CAT
Building on the long research experience of Austrian institutions in the field of quantum technologies, the project QCI-CAT aims at an adoption of modern encryption technology based on QKD for highly secure communication between public authorities.
QCI-CAT will investigate and verify new security applications for public authorities, such as secret sharing and message authentication.
Additionally, QCI-CAT will leverage a research testbed for new technological approaches such as the combination of post-quantum encryption with QKD, long-distance QKD with secured trusted nodes, and field trials of quantum repeaters.