Archivio Istituzionale della RicercaIn this article, we investigate the issue of authenticating the classical post-processing components of a QKD protocol through an insecure channel. Our analysis starts with state-of-the-art solutions and subsequently introduces an authentication scheme aiming at both Information Theoretic Security and resiliency from particular denial-of-service attacks targeting the authentication procedure. The proposed strategy combines -Almost Strongly Universal hashing for unconditional protection and computationally-secure Message Authentication Codes for DoS detection capability. Specifically, we consider the protocol security in a typical QKD scenario, taking into account partially weak authentication keys. Moreover, we add practical considerations related to authentication parameters and experimentally evaluate the performance of the proposed system in terms of computational complexity and key consumption in a reasonable use case.
Authentication Methods for Quantum Key Distribution: Challenges and Perspectives / Fregona, Giacomo; De Lazzari, Claudia; Giani, Damiano; Chirici, Fernando; Stocco, Francesco; Signorini, Edoardo; Morgari, Guglielmo; Occhipinti, Tommaso; Zavatta, Alessandro; Bacco, Davide (NATO SCIENCE FOR PEACE AND SECURITY SERIES. D, INFORMATION AND COMMUNICATION SECURITY). - In: Toward a Quantum-Safe Communication Infrastructure[s.l] : IOS Press, 2024. - pp. 54-66 [10.3233/NICSP240007]
Authentication Methods for Quantum Key Distribution: Challenges and Perspectives
Signorini, Edoardo;Morgari, Guglielmo;
2024
Abstract
In this article, we investigate the issue of authenticating the classical post-processing components of a QKD protocol through an insecure channel. Our analysis starts with state-of-the-art solutions and subsequently introduces an authentication scheme aiming at both Information Theoretic Security and resiliency from particular denial-of-service attacks targeting the authentication procedure. The proposed strategy combines -Almost Strongly Universal hashing for unconditional protection and computationally-secure Message Authentication Codes for DoS detection capability. Specifically, we consider the protocol security in a typical QKD scenario, taking into account partially weak authentication keys. Moreover, we add practical considerations related to authentication parameters and experimentally evaluate the performance of the proposed system in terms of computational complexity and key consumption in a reasonable use case.
Pubblicazioni consigliate
I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.
https://hdl.handle.net/11583/2986686