Quantum key distribution: Difference between revisions
(Create page - source - NCSC - https://www.ncsc.gov.uk/whitepaper/quantum-security-technologies) |
(Add link.) |
||
| (2 intermediate revisions by the same user not shown) | |||
| Line 1: | Line 1: | ||
''Information technology - cybersecurity.'' | ''Information technology - cybersecurity - UK National Cyber Security Centre (NCSC).'' | ||
(QKD). | (QKD). | ||
Quantum | The UK's National Cyber Security Centre (NCSC) defines Quantum key distribution as follows: | ||
''(Source - UK National Cyber Security Centre.)'' | "Quantum Key Distribution is a mechanism for agreeing encryption keys between remote parties, relying on the properties of quantum mechanics to ensure that key has not been observed or tampered with in transit. | ||
Since traditional public key cryptography algorithms may be vulnerable to a future large-scale quantum computer, new approaches are required that do not share this vulnerability. | |||
QKD claims to offer a potential mitigation since its security properties are based on the laws of physics rather than the hardness of some underlying mathematical problems. | |||
QKD protocols provide a mechanism for two remote parties to agree a shared secret key, where the key cannot be observed or tampered with by an adversary without alerting the original parties. | |||
However, because QKD protocols do not provide authentication, they are vulnerable to physical man-in-the-middle attacks in which an adversary can agree individual shared secret keys with two parties who believe they are communicating with each other. | |||
For this reason, QKD protocols must be deployed alongside cryptographic mechanisms that ensure authentication. | |||
These cryptographic mechanisms must also be secure against the quantum threat." | |||
''(Source - Quantum security technologies - UK National Cyber Security Centre.)'' | |||
== See also == | == See also == | ||
* [[Authentication]] | |||
* [[Cryptography]] | * [[Cryptography]] | ||
* [[Cybersecurity]] | * [[Cybersecurity]] | ||
| Line 22: | Line 38: | ||
* [[Key performance indicator]] (KPI) | * [[Key performance indicator]] (KPI) | ||
* [[Key risk indicator]] (KPI) | * [[Key risk indicator]] (KPI) | ||
* [[Man-in-the-middle attack]] | |||
* [[National Cyber Security Centre]] (NCSC) | * [[National Cyber Security Centre]] (NCSC) | ||
* [[Post-quantum cryptography]] (PQC) | |||
* [[Private key]] | * [[Private key]] | ||
* [[Public]] | * [[Public]] | ||
| Line 31: | Line 49: | ||
* [[RSA encryption]] | * [[RSA encryption]] | ||
* [[Security]] | * [[Security]] | ||
==Other resource== | |||
*[https://www.ncsc.gov.uk/whitepaper/quantum-security-technologies Quantum security technologies - UK National Cyber Security Centre] | |||
[[Category:Accounting,_tax_and_regulation]] | [[Category:Accounting,_tax_and_regulation]] | ||
[[Category:Identify_and_assess_risks]] | [[Category:Identify_and_assess_risks]] | ||
[[Category:The_business_context]] | [[Category:The_business_context]] | ||
Latest revision as of 03:15, 21 March 2024
Information technology - cybersecurity - UK National Cyber Security Centre (NCSC).
(QKD).
The UK's National Cyber Security Centre (NCSC) defines Quantum key distribution as follows:
"Quantum Key Distribution is a mechanism for agreeing encryption keys between remote parties, relying on the properties of quantum mechanics to ensure that key has not been observed or tampered with in transit.
Since traditional public key cryptography algorithms may be vulnerable to a future large-scale quantum computer, new approaches are required that do not share this vulnerability.
QKD claims to offer a potential mitigation since its security properties are based on the laws of physics rather than the hardness of some underlying mathematical problems.
QKD protocols provide a mechanism for two remote parties to agree a shared secret key, where the key cannot be observed or tampered with by an adversary without alerting the original parties.
However, because QKD protocols do not provide authentication, they are vulnerable to physical man-in-the-middle attacks in which an adversary can agree individual shared secret keys with two parties who believe they are communicating with each other.
For this reason, QKD protocols must be deployed alongside cryptographic mechanisms that ensure authentication.
These cryptographic mechanisms must also be secure against the quantum threat."
(Source - Quantum security technologies - UK National Cyber Security Centre.)
See also
- Authentication
- Cryptography
- Cybersecurity
- Dual key
- Encryption
- Information technology
- Key
- Key Attributes
- Key control indicator (KPI)
- Key Information Document
- Key performance indicator (KPI)
- Key risk indicator (KPI)
- Man-in-the-middle attack
- National Cyber Security Centre (NCSC)
- Post-quantum cryptography (PQC)
- Private key
- Public
- Public key
- Public key encryption
- Public key infrastructure
- Quantum computing
- RSA encryption
- Security
