Specific risk and Quantum key distribution: Difference between pages
imported>Doug Williamson (Link with Systematic risk page.) |
(Expand quote - source - NCSC - https://www.ncsc.gov.uk/whitepaper/quantum-security-technologies) |
||
| Line 1: | Line 1: | ||
''Information technology - cybersecurity.'' | |||
(QKD). | |||
"Quantum Key Distribution is a mechanism for agreeing encryption keys between remote parties, relying on the properties of quantum mechanics to ensure that key has not been observed or tampered with in transit. | |||
Since traditional public key cryptography algorithms may be vulnerable to a future large-scale quantum computer, new approaches are required that do not share this vulnerability. QKD claims to offer a potential mitigation since its security properties are based on the laws of physics rather than the hardness of some underlying mathematical problems. | |||
QKD protocols provide a mechanism for two remote parties to agree a shared secret key, where the key cannot be observed or tampered with by an adversary without alerting the original parties. However, because QKD protocols do not provide authentication, they are vulnerable to physical man-in-the-middle attacks in which an adversary can agree individual shared secret keys with two parties who believe they are communicating with each other. | |||
For this reason, QKD protocols must be deployed alongside cryptographic mechanisms that ensure authentication. These cryptographic mechanisms must also be secure against the quantum threat." | |||
''(Source - Quantum security technologies - UK National Cyber Security Centre.)'' | |||
== See also == | == See also == | ||
* [[ | * [[Cryptography]] | ||
* [[ | * [[Cybersecurity]] | ||
* [[ | * [[Dual key]] | ||
* [[ | * [[Encryption]] | ||
* [[ | * [[Information technology]] | ||
* [[ | * [[Key]] | ||
* [[Key Attributes]] | |||
* [[Key control indicator]] (KPI) | |||
* [[Key Information Document]] | |||
* [[Key performance indicator]] (KPI) | |||
* [[Key risk indicator]] (KPI) | |||
* [[Man-in-the-middle attack]] | |||
* [[National Cyber Security Centre]] (NCSC) | |||
* [[Private key]] | |||
* [[Public]] | |||
* [[Public key ]] | |||
* [[Public key encryption]] | |||
* [[Public key infrastructure]] | |||
* [[Quantum computing]] | |||
* [[RSA encryption]] | |||
* [[Security]] | |||
==Other resource== | |||
*[https://www.ncsc.gov.uk/whitepaper/quantum-security-technologies Quantum security technologies - UK National Cyber Security Centre] | |||
[[Category:Accounting,_tax_and_regulation]] | |||
[[Category:Identify_and_assess_risks]] | |||
[[Category:The_business_context]] | |||
[[Category: | [[Category:Accounting,_tax_and_regulation]] | ||
[[Category:Identify_and_assess_risks]] | |||
[[Category:The_business_context]] | |||
Revision as of 01:04, 3 February 2024
Information technology - cybersecurity.
(QKD).
"Quantum Key Distribution is a mechanism for agreeing encryption keys between remote parties, relying on the properties of quantum mechanics to ensure that key has not been observed or tampered with in transit.
Since traditional public key cryptography algorithms may be vulnerable to a future large-scale quantum computer, new approaches are required that do not share this vulnerability. QKD claims to offer a potential mitigation since its security properties are based on the laws of physics rather than the hardness of some underlying mathematical problems.
QKD protocols provide a mechanism for two remote parties to agree a shared secret key, where the key cannot be observed or tampered with by an adversary without alerting the original parties. However, because QKD protocols do not provide authentication, they are vulnerable to physical man-in-the-middle attacks in which an adversary can agree individual shared secret keys with two parties who believe they are communicating with each other.
For this reason, QKD protocols must be deployed alongside cryptographic mechanisms that ensure authentication. These cryptographic mechanisms must also be secure against the quantum threat."
(Source - Quantum security technologies - UK National Cyber Security Centre.)
See also
- Cryptography
- Cybersecurity
- Dual key
- Encryption
- Information technology
- Key
- Key Attributes
- Key control indicator (KPI)
- Key Information Document
- Key performance indicator (KPI)
- Key risk indicator (KPI)
- Man-in-the-middle attack
- National Cyber Security Centre (NCSC)
- Private key
- Public
- Public key
- Public key encryption
- Public key infrastructure
- Quantum computing
- RSA encryption
- Security
