Quantum key distribution

From ACT Wiki
Jump to navigationJump to search

Information technology - cybersecurity - UK National Cyber Security Centre (NCSC).


The UK's National Cyber Security Centre (NCSC) defines Quantum key distribution as follows:

"Quantum Key Distribution is a mechanism for agreeing encryption keys between remote parties, relying on the properties of quantum mechanics to ensure that key has not been observed or tampered with in transit.

Since traditional public key cryptography algorithms may be vulnerable to a future large-scale quantum computer, new approaches are required that do not share this vulnerability.

QKD claims to offer a potential mitigation since its security properties are based on the laws of physics rather than the hardness of some underlying mathematical problems.

QKD protocols provide a mechanism for two remote parties to agree a shared secret key, where the key cannot be observed or tampered with by an adversary without alerting the original parties.

However, because QKD protocols do not provide authentication, they are vulnerable to physical man-in-the-middle attacks in which an adversary can agree individual shared secret keys with two parties who believe they are communicating with each other.

For this reason, QKD protocols must be deployed alongside cryptographic mechanisms that ensure authentication.

These cryptographic mechanisms must also be secure against the quantum threat."

(Source - Quantum security technologies - UK National Cyber Security Centre.)

See also

Other resource