QKD: Part of a Defense-In-Depth Security Strategy

Quantum technology can provide benefits and risks to cybersecurity. Quantum key distribution (QKD), first described by Charles Bennett and Gilles Brassard in 1984^[1], is the basis for secure encryption based on the principles of quantum mechanics. In the ensuing four decades, QKD systems have been deployed around the world to provide secure encryption for terrestrial as well as satellite communication. On the other hand, quantum computers of sufficient capability will be capable of breaking currently used public key encryption. In 2016 the National Institute of Standards and Technology (NIST) began a program to standardize a series of quantum-resistant algorithms to replace current encryption standards thereby protecting against future cryptographically relevant quantum computers. This program is known as post-quantum cryptography or PQC. One of the tenets of cybersecurity is defense in depth, an approach that simultaneously provides multiple protections and seeks to avoid single points of failure. In this report, we describe the benefits of a hybrid QKD / PQC approach for a defense-in-depth strategy and address one of the limitations of QKD: initial authentication.

[1] C. H. Bennett and G. Brassard. “Quantum cryptography: Public key distribution and coin tossing”. In Proceedings of IEEE International Conference on Computers, Systems and Signal Processing, volume 175, page 8. New York, 1984. http://researcher.watson.ibm.com/researcher/files/us-bennetc/