Authors: Nicole Franzoi, Stephan Krenn, Thomas LorĂ¼nser, Sebastian Ramacher
URL: https://ieeexplore.ieee.org/document/11000141
Secure communication in large-scale quantum key distribution (QKD) networks relies on the key management layer to establish a key between any two nodes in the network. For non-adjacent nodes key forwarding is applied and secure keys are one-time pad encrypted with key material obtained from individual QKD links on a hop-by-hop basis from the initiator to the receiver. Notably, in a distributed setting, this requires that the nodes along the path be fully trusted, since they are given plaintext access to the secret during re-encryption.In this work, we propose a security model for the key forwarding process that provides confidentiality of the key with respect to all nodes that are not on the selected path from initiator to receiver. The model also captures the authenticity of the forwarded key in a sense that the key at the receiver is the same as the one sent by the initiator. Furthermore, in case the authenticity check fails, the receiver can identify the link that violated the authenticity guarantees by accident or on purpose. Finally, we provide a protocol for secure authentic key forwarding based on unconditionally hiding commitment schemes and unforgeable signature schemes that achieves confidentiality of the transmitted keys in an information theoretic sense of security whereas authenticity requires computationally secure primitives.