Using QKDLite to implement Digital QKD: Supporting Quantum-Safe Communications for Cloud Applications

This article explores how pQCee’s QKDLite offers a practical, software-based approach to quantum-safe key management without the complexity of physical QKD systems.

Introduction

Key management has been a challenge since the inception of cryptography. From provisioning and distribution to rotation and expiration, keeping cryptographic keys secret has plagued modern security systems.

Previously, the advent of public key cryptography and the subsequent development of Public Key Infrastructure (PKI) enabled scalable key distribution based on asymmetric encryption algorithms, such as Rivest-Shamir-Adleman (RSA) and Elliptic Curve Cryptography (ECC). However, the emergence of quantum computers threatens such classical cryptographic primitives: algorithms such as Shor’s algorithm can factor large integers into their primes in polynomial time, rendering RSA and other encryption schemes vulnerable.

The industry needs to migrate to quantum-safe methods, including transitioning to Quantum Key Distribution (QKD). However, QKD comes with its own complexities, considering the specialized setup of physical infrastructure. To work around these limitations, pQCee’s QKDLite offers a software implementation of a lightweight digital QKD to provide a quantum-safe solution for current cloud applications.

What is QKD?

Quantum key distribution leverages the properties of quantum photonics to securely establish a secret cryptographic key between two parties over a quantum channel, typically a fiber optic cable. A Quantum Key Distribution Entity (QKDE) transmits encoded photons which are measured by the receiver. Due to the no-cloning theorem and the disturbance caused by quantum measurement, the act of eavesdropping is detectable, thus establishing a tamper-evident channel.

Unlike classical key distribution methods, which rely on the computational hardness of mathematical problems for their security, QKD is provably secure against classical and quantum attacks, including man-in-the-middle attacks.

The need for digital QKD

Despite the theoretical advantages of QKD, its practical implementation is currently limited in many ways.

A current drawback of QKD is that, in addition to the quantum channel, it requires a classical authenticated channel for key verification between QKDEs. This creates a dependency on classical security systems and compromises the overall end-to-end quantum safety that QKD is intended to provide.

A bigger issue is the high infrastructure overhead, and its associated cost, required for QKD networks to reach mass adoption. Not only are multiple QKDEs needed, but where they are linked by optic fiber cables, these cables are sensitive to environmental conditions and currently cannot sustain transmission of photons beyond lengths of a few hundred kilometers. Where laser and satellite links are used to transmit photons, the cost of setting up satellites, ground stations and equipment is significant, in addition to managing and overcoming weather conditions. On top of physical integration, current software and cloud applications must be able to connect to and pull sufficient keys from QKDEs in a quantum-safe manner.

QKDLite as a digital QKD

One possibility is for QKD to be implemented today with a ‘digital QKD’ – a completely classical-based module that acts as a QKD yet can be instantiated much closer to cloud applications. This works around the current lack of physical infrastructure and integrates with current software systems, providing a quantum-safe solution usable today. pQCee’s QKDLite is designed to act as such a digital QKD instance, providing tamper-evident key usage, quantum randomness and ephemeral keys.

Key Generation

Currently, QKDLite supports connection with a pair of QKDEs or a QRNG (Quantum Random Number Generator) for quantum-safe key provisioning. If two QKDLite instances are connected to a pair of QKDEs, they can request quantum keys via a REST API and push the keys into tamper-proof storage such as an HSM at both sides while adhering to the latest ETSI protocol. Alternatively, QKDLite supports internal creation of keys from QRNG values in conjunction with post-quantum cryptography, resulting in quantum-safe keys that can be used and stored without any QKDE infrastructure. Any keys generated in this way can be exported to another QKDLite instance using quantum-safe libraries. In either case, users have access to a shared set of quantum-safe keys available for consumption without needing to interface directly with QKDEs.

Since QKDLite is directly involved in key generation, it allows for custom key policy management: controlling key availability, rotation and expiration. The number of keys always available can be set, as well as how often keys are refreshed, accommodating the high-volume usage of ephemeral keys that cloud applications may need.

QKDLite’s key usage is also tamper-evident. Since each key exists on both instances of the pair of digital QKDs, key consumption can be tracked, enabling detection of unauthorized key usage.

An Example: Secure File Transfer

This concept is best illustrated by the example of securing files for transfer. At both QKDLite instances, there are 3 keys set up. Alice wants to encrypt and send a file to Bob, as shown in Figure 1 below.

Figure 1. Initial setup of file transfer with three keys.

Alice consumes a key from QKDLite A, the QKDLite instance to which she is connected, to encrypt the file. The key remains at the other QKDLite instance, QKDLite B, as displayed in Figure 2.

Figure 2. Alice’s file is now encrypted, and a key at QKDLite A has been consumed.

Alice sends the encrypted file to Bob over the internet through email. Bob receives the encrypted file (Fig. 3) and consumes the same key pulled from his QKDLite instance to decrypt and view the file (Fig. 4).

Figure 3. Bob has received the encrypted file from Alice.
Figure 4. Bob consumes the same key to decrypt and view the file.

In the non-ideal scenario that Eve intercepts the encrypted file (Fig. 5), file decryption depends on whether Eve has access to the decryption key at QKDLite B and who consumes the key first. If Eve has no access to QKDLite B, she cannot decrypt the file she intercepted. If she has access to the QKDLite instance but Bob consumes the key first, Eve will not be able to decrypt the file.

Figure 5. Eve has intercepted the encrypted file. This diagram illustrates the case where both Eve and Bob have a copy of the encrypted file and have access to QKDLite B. Who decrypts the file therefore depends on who consumes the decryption key (yellow) first.

In the worst case, Eve decrypts the file by consuming the decryption key at QKDLite B. But if Bob tries to decrypt the file and finds he cannot, he is notified that the file has been decrypted since the key has been consumed, ensuring a tamper-evident key usage system.
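The scenario above as a small simulation, added here as an illustration; it is not pQCee's code or the QKDLite API. `KeyPool`, `make_pair`, `transfer` and the XOR stand-in cipher are hypothetical, and recording the consumer's name in the audit trail is an assumption.

```python
import hashlib
import secrets


class KeyAlreadyConsumed(Exception):
    """Raised when a key was already pulled; carries who consumed it."""
    def __init__(self, key_id, consumer):
        super().__init__(f"key {key_id} already consumed by {consumer}")
        self.key_id, self.consumer = key_id, consumer


class KeyPool:
    """Hypothetical model of one instance's key store (not the QKDLite API)."""
    def __init__(self, keys):
        self._keys = dict(keys)   # key_id -> key bytes, still available
        self.consumed = {}        # key_id -> consumer, the audit trail

    def consume(self, key_id, consumer):
        if key_id in self.consumed:
            raise KeyAlreadyConsumed(key_id, self.consumed[key_id])
        key = self._keys.pop(key_id)   # single use: the key leaves the pool
        self.consumed[key_id] = consumer
        return key


def make_pair(n=3):
    """Two pools holding the same n keys, as in Figure 1."""
    keys = {i: secrets.token_bytes(32) for i in range(1, n + 1)}
    return KeyPool(keys), KeyPool(keys)


def xor_stream(key, data):
    """Stand-in cipher for the demo only; use an AEAD such as AES-GCM in practice."""
    stream = hashlib.shake_256(key).digest(len(data))
    return bytes(a ^ b for a, b in zip(data, stream))


def transfer(eve_has_access):
    """Run the Alice -> Bob transfer; return (Bob's result, Eve's result)."""
    pool_a, pool_b = make_pair()
    ciphertext = xor_stream(pool_a.consume(1, "alice"), b"quarterly report")
    eve = None
    if eve_has_access:   # worst case: Eve reaches QKDLite B before Bob
        eve = xor_stream(pool_b.consume(1, "eve"), ciphertext)
    try:
        bob = xor_stream(pool_b.consume(1, "bob"), ciphertext)
    except KeyAlreadyConsumed as alert:
        bob = f"ALERT: {alert}"   # Bob learns the key was used by someone else
    return bob, eve
```

The failed second pull is the detection signal: the pool refuses to hand out a consumed key and tells the legitimate recipient that someone else got there first.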

What’s next for QKDLite?

By relying on quantum-safe cryptography as opposed to quantum photonics, digital QKDs such as QKDLite can quickly integrate with current software implementations without massive infrastructure overhead, providing quantum-safe keys for use. The advantage is even more apparent for more complex cloud applications that require high availability and need a fail-safe for quantum key management. QKDLite can be horizontally scaled such that the failure of any digital QKD instance does not impact the overall availability of the key distribution infrastructure.

Try out the demo QKDLite for Secure File Transfer here: https://qkdlite.pqcee.com/

Author

Shanelle Tan

Shanelle is an intern at pQCee. She recognizes how important cybersecurity is in today’s digital world, especially the need for quantum-safe systems. She enjoys learning about all things security and post-quantum as she continues her studies in software engineering.

